什么是密码散列? [英] What is password hashing?
问题描述
散列密码是什么意思?
推荐答案
定义:
Hashing 是将函数 f()
应用于可变大小输入以产生恒定大小的输出.
Definition:
Hashing is the application of a function f()
to a variable sized input to produce a constant sized output.
A => f() => X
B => f() => Y
C => f() => Z
散列也是一种单向函数,这意味着不存在反转或撤消散列的函数.同样,重新应用散列 f(f(x))
不会再次产生 x
.
A hash is also a one-way function which means that there isn't a function to reverse or undo a hash. As well re-applying the hash f(f(x))
isn't going to product x
again.
细节:
散列函数可以像在输入中添加 13"一样简单,也可以像加密散列 例如 MD5 或 SHA1.有很多东西可以构成一个好的散列函数,例如:
A hash function can be as simple as "add 13 to the input" or complex like a Cryptographic Hash such as MD5 or SHA1. There are many things that constitute a good hash function like:
- 低成本:易于计算
- 确定性:如果我将输入
a
散列多个次,我每次都会得到相同的输出 - Uniformity:输入将均匀分布在可能的输出中.这符合所谓的鸽巢原则.由于输出数量有限,我们希望
f()
将这些输出均匀放置,而不是放在同一个桶中.当两个输入计算到相同的输出时,这称为碰撞.哈希函数产生更少的冲突是一件好事.
- Low Cost: Easy to compute
- Deterministic: if I hash the input
a
multiple times, I am going to get the same output each time - Uniformity: The input will be evenly distributed among the possible outputs. This falls in line with something called the Pigeonhole Principle. Since there are a limited number of outputs we want
f()
to place those outputs evenly instead of in the same bucket. When two inputs compute to the same output this is known as a collision. It's a good thing for a hash function to produce fewer collisions.
应用于密码的哈希:
密码的散列与上述过程相同,但有一些特殊的考虑.构成良好散列函数的许多属性在涉及密码时都无济于事.
The hashing of passwords is the same process as described above, however it comes with some special considerations. Many of the properties that make up a good hash function are not beneficial when it comes to passwords.
以确定性为例,因为当两个人使用相同的密码时,哈希会产生确定性的结果,因此哈希在密码存储中看起来是相同的.这是一件坏事!然而,这可以通过一种叫做 salt 的东西来缓解.
Take for example determinism, because hashes produce a deterministic result when two people use the same password the hash is going to look the same in the password store. This is a bad thing! However this is mitigated by something called a salt.
一致性另一方面是有益的,因为希望算法限制冲突.
Uniformity on the other hand is beneficial because the desire is for the algorithm to limit collisions.
因为散列是单向意味着无法从输出中确定输入,这就是散列非常适合密码的原因!
Because a hash is One-Way means the input cannot be determined from the output, which is why hashing is great for passwords!
这篇关于什么是密码散列?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!