Design for max hash size given N-digit numerical input and collision related target -

-

assume hacker obtains data set of stored hashes, salts, pepper, , algorithm , has access unlimited computing resources. wish determine max hash size certainty of determining original input string nominally equal target certainty percentage.

constraints:

the input string limited 8 numeric characters uniformly distributed. there no inter-digit relation such checksum digit.

the target nominal certainty percentage 1%.

assume hashing function uniform.

what maximum hash size in bytes there nominally 100 (i.e. 1% certainty) 8-digit values compute same hash? should possible generalize n numerical digits , x% accepted answer.

please include whether there issues using first n bytes of standard 20 byte sha1 acceptable implementation.

it recognized this approach increase susceptibility brute force attack increasing possible "correct" answers there design trade off , additional measures may required (time delays, multiple validation stages, etc).

it appears want ensure collisions, idea if hacker obtained everything, such it's assumed can brute force hashed values, not end original values, set of possible original values each hashed value.

you achieve executing precursor step before normal cryptographic hashing. precursor step folds set of possible values smaller set of possible values. can accomplished variety of means. basically, applying initial hash function on input values. using modulo arithmetic described below simple variety of hash function. other types of hash functions used.

if have 8 digit original strings, there 100,000,000 possible values: 00000000 - 99999999. ensure 100 original values hash same thing, need map them space of 1,000,000 values. simplest way convert strings integers, perform modulo 1,000,000 operation , convert string. having done following values hash same bucket: 00000000, 01000000, 02000000, ....

the problem hacker not know 100 values hashed value be, know surety 6 of 8 digits are. if real life variability of digits in actual values being hashed not uniform on positions, hacker use around you're trying do.

because of that, better choose modulo value such full range of digits represented evenly every character position within set of values map same hashed value.

if different regions of original string have more variability other regions, want adjust that, since static regions easier guess anyway. part hacker want highly variable part can't guess. breaking 8 digits regions, can perform pre-hash separately on each region, modulo values chosen vary degree of collisions per region.

as example break 8 digits 000-000-00. prehash convert each region separate value, perform modulo, on each, concatenate them 8 digit string, , normal hashing on that. in example, given input of "12345678", 123 % 139, 456 % 149, , 78 % 47 produces 123 009 31. there 139*149*47 = 973,417 possible results pre-hash. so, there 103 original values map each output value. give idea of how ends working, following 3 digit original values in first region map same value of 000: 000, 139, 278, 417, 556, 695, 834, 973. made on fly example, i'm not recommending these choices of regions , modulo values.

if hacker got everything, including source code, , brute forced all, end values produced pre-hash. particular hashed value, know that 1 of around 100 possible values. know possible values, wouldn't know of original value produced hashed value.

you should think hard before going route. i'm wary of departs standard, accepted cryptographic recommendations.


Comments

Post a Comment

Popular posts from this blog

plot - Remove Objects from Legend When You Have Also Used Fit, Matlab -

-
Image
i've plotted data points , fitted exponential curve between them using 'fit' in matlab. problem fit-function got fitted line wanted plot, markers on top of regular markers. solved problem plotting wanted markers on top of unwanted couldn't seen. problem. when want show legends dots in there. how can remove markers legend without removing fitted line since both of them hidden inside fit-function? can stop 'fit' plotting unwanted markers? so, want remove blue dot called 'hoff' in picture below. you can leave out legend-entries manually leaving out handles of lines, dont want in legend. try this: %if plot something, want showing in legend, save handle: h_line = plot(x,y) %you dont want show line? dont anything, plot it: plot(mymarker) %then set legend-> can add text legend-entries %a cell-array containing strings want show up: legend([h_line another_line],{'text1' 'text2'}) with example (see comments) came solution:
Read more

java - Why does my date parsing return a weird date? -

-
here code using: string string = "08/07/2013".replace('/', '-'); date date = new simpledateformat("yyyy-mm-dd").parse(string); why date return: "wen jan 3 00:00:00 est 14"? not @ date format told use. edit: need format because database using requires format. the format use parse date string, not match it. using yyyy 08 . use following format: new simpledateformat("dd-mm-yyyy") and why @ replacing / - ? can build pattern original string only: string string = "08/07/2013" date date = new simpledateformat("dd/mm/yyyy").parse(string); and if want date string in yyyy-mm-dd format, can format date using dateformat#format(date) method: string formatteddate = new simpledateformat("yyyy-mm-dd").format(date); see also: change date format in java string simpledateformat java doc
Read more

Need help in packaging app using TideSDK on Windows -

-
i developed application using tidesdk on windows , when click launchapp works fine. moved package , installed imagemagick , wix 3.0 required packaging on windows. clicked on package runtime , cannot guess packaged app is? found file 'installer' in workspace when click on it says installer not find application path . think application not being packaged properly. here log see in tidesdk: preparing package desktop app runtime. 1 moment... staging trial -> copying contents d:\lab\tidesdk\trial d:\lab\tidesdk\trial\packages\win32\bundle\trial -> copying installer c:\programdata\tidesdk\sdk\win32\1.3.1-beta\installer d:\lab\tidesdk\trial\packages\win32\bundle\trial -> copying runtime d:\lab\tidesdk\trial\packages\win32\bundle\trial -> date: d:\lab\tidesdk\trial\packages\win32\bundle\trial\modules\app\1.3.1-beta -> date: d:\lab\tidesdk\trial\packages\win32\bundle\trial\modules\codec\1.3.1-beta -> date: d:\lab\tidesdk\trial\packages\win32\bundle\trial\mod
Read more