Collaborate Disseminate
My plan is to convert a passphrase in UTF-8 ASCII-US to Unit8Array(32) then use it in:
256bitsKey = Unit8Array(32) from passphase
iv = window.crypto.getRandomValues(new Uint8Array(32));
CryptoJS.enc.encrypt(data, 256bitsKey , {iv: iv});
… Continue reading How to convert passphrase to AES256 key?
I was wondering if generation of sequential hashes from random seed can be considered "random enough" to be used in cryptographic operations?
By sequential hashes I mean the following:
First we create a hash using e.g. SHA512 fro… Continue reading Can iterated hashes be used to create cryptographically secure random data from strong random seed?
When it comes to hashing passwords, it is nowadays practice to do 100’000 or 200’000 iterations of SHA256/SHA512, or at least something in that ballpark.
But my question is, why is it not safe enough to just do a very small but unusual num… Continue reading Why not just use a small but unusual number of hashing rounds?
I believe that this question was answered already, though I couldn’t find it.
I have several strings that include hash. Each string has hash and some random (or not) add-on.
How can I identify the type of hash that is hidden inside a strin… Continue reading Identify hash pattern inside a string [duplicate]
I need validation / feedback please with the implementation of a web based client-server application that I am building.
I need to make sure that a client’s cookies can’t be hijacked and therefore I have introduced a nonce.
So with each re… Continue reading Using predictable incrementing nonces
this problem introduces a hash function similar in spirit to sha that operates on letters instead of binary data. it is called the toy tetragraph hash (tth).9 given a message consisting of a sequence of letters, tth produces a hash value c… Continue reading Simple problem of computer security [closed]
John the Ripper is unable to crack my SHA1 hashed password:
john –wordlist=rockyou.txt testing.txt
Whenever I do this in Kali Linux, I get this response:
Loaded 1 password hash (Raw-SHA1 [SHA1 256/256 AVX2 8x]) Warning: no OpenMP support… Continue reading John the Ripper is unable to crack my SHA1 hashed password
I’m working on a API which is serving content based on user requests. What I’d like to achieve is as follows: Having a constant key stored both on the server and the client machine (as a means of identifying a specific user) I’d like to be… Continue reading One-way cryptographic algorithm with distinct output and verifiable property
Assuming the hashing includes properly implemented salting and uses a proper password stretching algorithm such as scrypt, and that the encryption algorithm is a secure symmetric algorithm with a random key.
If an attacker gets access to p… Continue reading Why is storing a password hashed more secure than storing it encrypted? [duplicate]
Why is it necessary to store operating system passwords hashed? From what I’ve learned, passwords are stored on the hard drive/SSD in /etc/shadow. However, if a malicious agent was able to get access to this file, doesn’t that mean they ca… Continue reading What is the point of storing hashed passwords? If that file is read, doesn’t that mean the computer has already been compromised?