sha

What's the difference between SHA and MD5 (in PHP)?

When you're hashing a password (or anything else) in PHP, does it make any difference if you use SHA or MD5? ...

Is my OCaml implementation of SHA256 sane?

I'm a novice OCaml programmer and thought I would throw myself into the deep end by attempting to implement a very tricky algorithm. I'm open to all criticisms great and small be they stylistic or security or performance related. One criticism that I'm already aware of is that the algorithm requires the entire message to fit in memor...

Delphi: How to calculate the SHA hash of a large file

Hi I need to generate a SHA over a 5 Gig file Do you know of a non string based Delphi library that can do this ? ...

Is MD5 less secure than SHA et. al. in a practical sense?

I've seen a few questions and answers on SO suggesting that MD5 is less secure than something like SHA. My question is, Is this worth worrying about in my situation? Here's an example of how I'm using it: On the client side, I'm providing a "secure" checksum for a message by appending the current time and a password and then hashing ...

Java Encode SHA-1 Byte Array

I have an SHA-1 byte array that I would like to use in a GET request. I need to encode this. URLEncoder expects a string, and if I create a string of it and then encode it, it gets corrupt? To clarify, this is kinda a follow up to another question of mine. (Bitorrent Tracker Request) I can get the value as a hex string, but that is not...

SHA-1 Hashes Mixed with Strings

I have to parse something like the following "some text <40 byte hash>" can i read this whole thing in to a string without corrupting 40 byte hash part? The thing is hash is not going to be there so i don't want to process it while reading. EDIT: I forgot to mention that the 40 byte hash is 2x20 byte hashes no encoding raw bytes. ...

How can I create the hash of a webpage in java?

I need to create the hash of a the html of a webpage (from its URL) using SHA1 or MD5 in java, but I don't know how to do it... can you help me? ...

How do I convert password hashing from MD5 to SHA?

I've got an old application that has user passwords stored in the database with an MD5 hash. I'd like to replace this with something in the SHA-2 family. I've thought of two possible ways to accomplish this, but both seem rather clunky. 1) Add a boolean "flag" field. The first time the user authenticates after this, replace the MD5 pas...

RIPEMD-160 vs SHA-256

Can anyone shed some light into SHA-256 and RIPEMD-160, which algorithm is normally faster and what are the performance and space comparisons, if any? By space comparisons I don't mean 160 bits and 256 bits, but what are the collisions frequency, difference in space requirements in production env. and time to calculate both. Is RIPEMD-16...

i want to convert 160-bit to integer

i am using SHA1 so i want to convert the output of this SHA1 to integer ...

Does this TPM emulator follow TPM spec for extending PCR register?

The following code is from TPM emulator from Mario Strasser. The spec says, PCR := SHA1(PCR || data) reads "concatenate the old value of PCR with the data, hash the concatenated string and store the hash in PCR". It's not PCR := PCR BITWISE-OR SHA1(data) nor PCR := SHA1(PCR BITWISE-OR data) TPM_RESULT TPM_Extend(TPM_PCRINDEX pcrNum,...

What algorithm should be used when doing filechecksums to find dupes?

Is taking a MD5 sum still suitable for checking for file dupes? I know that it isn't secure, but does that really matter in the case of trying to find file dupes? Should I be using something in the SHA family instead? What is best practice in this use case? ...

Hashing in SHA512 using a salt? - Python

Hi folks, I have been looking through ths hashlib documentation but haven't found anything talking about using salt when hashing data. Help would be great. ...

Is it okay to truncate a SHA256 hash to 128 bits?

MD5 and SHA-1 hashes have weaknesses against collision attacks. SHA256 does not but it outputs 256 bits. Can I safely take the first or last 128 bits and use that as the hash? I know it will be weaker (because it has less bits) but otherwise will it work? Basically I want to use this to uniquely identify files in a file system that migh...

MessageDigest SHA-512 different than openssl

I can't figure out what I'm doing wrong here. I have the following code: byte[] digest = new byte[0]; MessageDigest md = null; try{ md = MessageDigest.getInstance( "SHA-512" ); } catch( NoSuchAlgorithmException e ) { return digest; } digest = md.digest( myString.getBytes() ); Looking at the hex values of digest byte[] in the ...

How detect a Git SHA ID in a text

A Git SHA ID looks like this one 351e11dac558a764ba83f89c6598151d2dbaf904, it is a long hex number. But how should it be detected in a text? Search for "words" which only contain 0-9,a-f and have a length of at least 20 characters? But how to distinguish SHA IDs from normal words? ...

Hashing no longer works in .Net 4.0 despite MSDN workarounds

I have an existing app in production that uses SqlMembershipProvider and has a specified machine key: <machineKey validationKey="..." decryptionKey="..." validation="SHA1" decryption="AES"/> It runs under .Net 2.0 AppPool currently. I'm writing a new application that has to use the existing database, which I have a backu...

Is it safe to ignore the possibility of SHA collisions in practice?

Let's say we have a billion unique images, one megabyte each. We calculate the SHA-256 hash for the contents of each file. The possibility of collision depends on: the number of files the size of the single file How far we can go ignoring this possibility, assuming it is zero? ...