Re: Is it necessary to store the entire MD5, etc. hash for validation?
From: Joseph Ashwood (ashwood_at_msn.com)
Date: 04/13/05
- Next message: D. J. Bernstein: "Re: Potential DoS on Bittorrent"
- Previous message: David Eather: "Re: help with coded message"
- In reply to: rob.yampolsky_at_encodasystems.com: "Is it necessary to store the entire MD5, etc. hash for validation?"
- Next in thread: Rob Yampolsky: "Re: Is it necessary to store the entire MD5, etc. hash for validation?"
- Reply: Rob Yampolsky: "Re: Is it necessary to store the entire MD5, etc. hash for validation?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 13 Apr 2005 01:57:09 GMT
<rob.yampolsky@encodasystems.com> wrote in message
news:1113350727.727160.310710@o13g2000cwo.googlegroups.com...
>I want to store the last 10 passwords used on a legacy database that,
> unfortunately, has a 1K record size limit.
>
> My passwords need to be >8 characters, so I can't just use crypt() to
> encrypt them. I'd like to use MD5 or some other algorithm that
> generates a big hash, but I don't have room to store 10x128+ bytes.
I think you are mistaken about the size of the output of hash functions,
they are measured in bits, so your 10 last passphrases would take only 1280
bits or 160 bytes, in fact in 1024 bytes you could store the last 64
passphrase hashes used if you use MD5 (not recommended), or the last 32
passphrase hashes if you use SHA-256 (much better security), in fact you
could even move to SHA-512 and still be able to store 16 passphrase hashes
over 50% more than your requirements.
> So... Is it a reasonable thing to do to store just the first half (or
> every other byte, or something) of a big hash and use that to verify
> that I can regenerate a hash whose first half matches?
>
> In other words, are these hashes unique enough that I'm pretty sure no
> two reasonable password attempts will generate a hash with the same
> first half?
>
It is perfectly acceptable to simply take whatever bits you choose from the
cryptographic hash output, just be aware that you will be weakening the hash
according to the amount you shorten it. There may be a miniscule advantage
to alternative methods based on the hash used, but those advantages would be
quickly overpowered by simply using a better hash. This decision really does
seem rather unnecessary though, you said you have 1KB to work with,
basically any modern cryptographic hash should give you the room necessary
to store the last several hashes.
Joe
- Next message: D. J. Bernstein: "Re: Potential DoS on Bittorrent"
- Previous message: David Eather: "Re: help with coded message"
- In reply to: rob.yampolsky_at_encodasystems.com: "Is it necessary to store the entire MD5, etc. hash for validation?"
- Next in thread: Rob Yampolsky: "Re: Is it necessary to store the entire MD5, etc. hash for validation?"
- Reply: Rob Yampolsky: "Re: Is it necessary to store the entire MD5, etc. hash for validation?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
