这个散列对安全性有利吗? [英] Is there an advantage to this hash for security?
问题描述
是否有任何优势
sha1(sha1(sha1($ password。$ salt)));
基本上有多个sha1节只有一个sha1
sha1($ password。$ salt);
请不要重复
首先, sha1(sha1(sha1(在每次迭代中,sha1($ input)))仅对副作用增加碰撞机会 * 。增加碰撞的可能性是一件非常糟糕的事情。 为了不用信任自己动手的密码学,为什么不信任实际专家在该领域制作的图书馆?使用便携式PHP密码哈希框架。
PHPass实际上使用 bcrypt ,这是一种旨在防止彩虹表,字典和暴力攻击的算法。你可以用几轮来初始化它:轮次越高,计算哈希所用的时间就越长。这样,如果处理能力增加,就可以创建更强大的哈希值。
* 第一次调用to 为什么每次调用 Is there any advantage to Basically having multiple sha1 verses just one sha1
Do not, I repeat, DO NOT attempt to make your password hash safer by doing "special" things do your hash. First of all, Instead of trying your hand at do-it-yourself cryptology, why not trust libraries made by actual experts in the field? Use the Portable PHP password hashing framework. PHPass actually uses bcrypt, which is an algorithm designed to prevent rainbow table, dictionary and brute force attacks. You can initialize it with a number of rounds: the higher the rounds, the longer it takes to compute the hash. That way, you can create stronger hashes if processing power increases. * The first call to Why does each call to 这篇关于这个散列对安全性有利吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋! sha1()接受无限输入并创建一个 2 160 输出。第二次迭代需要 2 160 输入,并从 x <= 2 160 。第三次迭代使用 x 输入,并从 y 输出中创建一个输出,其中 y < = x <= 2 160 。
sha1()都会减少可能的输出量?因为 sha1()后面的算法不是为散列的一对一匹配而设计的。从理论上讲,如果要散列每个可能的散列,你必然会发生冲突。sha1(sha1(sha1($password. $salt)));
sha1($password. $salt);
sha1(sha1(sha1($input))) only has for side effect to increase the chance of collision* on each iteration. Increasing the chance of collisions is a very bad thing.
sha1() takes infinite input and creates one out of 2160 outputs. The second iteration takes 2160 inputs and creates one out of x outputs, where x <= 2160. The third iteration takes x input and creates one out of y outputs, where y <= x <= 2160.sha1() reduces the amount of possible outputs? Because the algorithm behind sha1() was not designed for one-to-one matching of the hashes. Theoretically, you are bound to have collisions if you were to hash every possible hash.
