sha

Changing the hashing function on a pre-existing database

て烟熏妆下的殇ゞ 提交于 2019-12-05 11:11:05
I'm doing a bit of reading on hashing for passwords. I've seen that SHA-256 > MD5. This got me thinking about how an app may deal with changing from one hashing function to another. What happens if someone implements an app that hashes their passwords using MD5. They then decide that SHA-256 is the way to go. But of course the password hashes stored in the database are in MD5. What is the process for migrating the data in the database from one hashing function to another? Thomas Pornin It is not possible to "unhash" passwords (at least not in a general, efficient and reliable way -- you can

Password Hashing - Why salt 60,000 times

旧街凉风 提交于 2019-12-05 11:05:42
I'm working for a Fortune 100 company and I'm thrown into being tasked with security moving from SHA1 to SHA-2 . This is not my area of expertise, but as I study cryptography I am questioning the outdated information etc... SHA-2 is obviously needed over SHA-1 but when the security team KNOWS that the hashing of password + salt is using SHA, with GPU being so ridiculously fast at cracking billions of hashes - I do not get why for passwords i'm not being told to use bcrypt or another equivalent that is slow , WHY? I'm shown a powerpoint slide in which i'm told to create my salt 60,000 times. I

How to get SHA of file for specific Git commit?

柔情痞子 提交于 2019-12-05 08:47:50
Is there a way to get SHA of file for specific Git commit? It's possible with 2 commands: retrieving file git show COMMIT_VERSION:myfile.txt > ~/tmp/myfile.txt calculating SHA git hash-object ./tmp/myfile.txt But, maybe there's specific command in Git that does exactly that? git ls-tree COMMIT_VERSION myfile.txt appears to contain the same result in its third field. 来源: https://stackoverflow.com/questions/12017185/how-to-get-sha-of-file-for-specific-git-commit

Converting String to Sha-256 Hash

|▌冷眼眸甩不掉的悲伤 提交于 2019-12-05 06:29:17
问题 I want to convert a String to a SHA-256 Hash. I am using this code: String text = "YOLO"; MessageDigest digest = MessageDigest.getInstance("SHA-256"); byte[] hash = digest.digest(text.getBytes("UTF-8")); System.out.println(hash.toString()); The problem is, when I start the program, it prints [B@28d93b30 Why is this, and how can solve this? Thanks in advance, Fihdi 回答1: As others have mentioned, you're using the default toString() method which simply outputs the class name and hashcode If you

Windows 10 ignores Authenticode on my setups files

房东的猫 提交于 2019-12-05 00:59:14
问题 Being on the "Fast Ring" of Windows 10, I got a strange behaviour on my own setup executables: I'm SHA-1 signing them with Authenticode since years the same way and never had any problems. Recently Windows 10 does not recognize my (valid) signatures. When downloading a setup.exe from my website and executing it, the Windows SmartScreen message box appears and tells me: ... Publisher: unknown ... When viewing the properties of the just downloaded setup executable, it shows the signature, and

Is it possible to decrypt SHA1 [duplicate]

こ雲淡風輕ζ 提交于 2019-12-04 23:45:50
This question already has answers here : Is it possible to reverse a sha1? (9 answers) Closed 5 years ago . Is it possible to decrypt(retain the actual string) the password which is saved in db using SHA1 algorithm. Example:If password is "password" and it is stored in db as "sha1$4fb4c$2bc693f8a86e2d87f757c382a32e3d50fc945b24" ,is any chance to retain the same "password"(string) from "sha1$4fb4c$2bc693f8a86e2d87f757c382a32e3d50fc945b24" SHA1 is a cryptographic hash function, so the intention of the design was to avoid what you are trying to do. However, breaking a SHA1 hash is technically

Shortest hash? MD5 / SHA . First chars, git

故事扮演 提交于 2019-12-04 22:16:21
问题 I need hash function. Users will be write these hash to computer so hash should be short. I will have about 50 000 000 records in database. Each must have own hash. I would like to have unique hashes. But if a little records have the same hash, I can accept. Unique is better. MD2 is good secure for me, but hash is long: "8350e5a3e24c153df2275c9f80692773" - 32 chars. If you must write 10 MD2 hash on keybord you do not happy... Git use SHA1 for each commit (40 chars). But in output show only

How to calculate sha256 faster in java?

我与影子孤独终老i 提交于 2019-12-04 21:09:35
问题 I have found out that calculating sha256 in java is slow. For example, it is slower than python. I wrote two simple benchmarks that calculate sha256 of 1GB of zeroes. In both cases the result is the same and correct, but the python time is 5653ms and the java time is 8623ms(53% slower). The result is similar every time and this is an important difference for me. How to make the calculation in java faster? Benchmarks: Java: import java.security.MessageDigest; import java.security

Why does SHA1.ComputeHash fail under high load with many threads?

≯℡__Kan透↙ 提交于 2019-12-04 19:25:26
问题 I'm seeing an issue with some code I maintain. The code below has a private static SHA1 member (which is an IDisposable but since it's static , it should never get finalized). However, under stress this code throws an exception that suggests it has been closed: Caught exception. Safe handle has been closed" Stack trace: Call stack where exception was thrown at System.Runtime.InteropServices.SafeHandle.DangerousAddRef(Boolean& success) at System.Security.Cryptography.Utils.HashData

What is the SHA-256 hash of a single “1” bit?

我的未来我决定 提交于 2019-12-04 17:53:56
问题 The definition of SHA-256 appears to be such that the input consisting of a single "1" bit has a well-defined hash value, distinct from that of the "01" byte (since the padding is done based on input's length in bits). However, due to endianness issues and the fact that no implementations that I can find support feeding in single bits, I can't quite figure out what this correct value is. So, what is the correct hash of the 1-bit long input consisting of the bit "1"? (not the 8-bit long byte[]
订阅 sha