在流腌制一个C#MD5 ComputeHash [英] Salting a C# MD5 ComputeHash on a stream
问题描述
我看不到任何方式盐MD5.ComputeHash(流)。
我失去了注射字节到的HashAlgorithm的某种方式?
我试过执行流计算之前执行ComputeHash(字节[]),但是,勿庸置疑,它没有任何效果。任何想法(除了修改文件)?
感谢您的时间。
附录
只是要更具体一点,我想用一个流得到关于我不想加载到内存较大的文件的哈希值。
FileInfo的myFI =新的FileInfo(bigfile.dat);
的FileStream myIFS = piFile.OpenRead();
MD5 MD5 = MD5.Create();
字节[] =哈希md5.ComputeHash(myIFS);
myIFS.Close();
答案缺少的例子在我看来:你并不真的需要它盐
如MD5哈希算法将任意长度的字节表,并将其转换为已知长度的字节表 - 操作不容易在输出表中输入表导致不可预知的变化可逆的和小的变化:
输入=> MD5 =>输出
盐析的目的是保护免受攻击,其中用户具有散列结果已经预先计算表(彩虹表的)。通过在输入引入小的变化,其结果是变化急剧,因此,即使攻击者知道了散列结果和盐,这是非常难以猜测的输入:
输入+盐=> MD5 =>输出
原因散列文件是计算校验和。例如。您发布的网页上的文件的散列结果一起。然后用户下载文件,运行它通过MD5,并将结果与已发布的结果进行比较。这将是非常困难与文件篡改,因为每个操作会改变所得散列
盐腌是没有必要在这里,因为你必须发布盐与结果散列,使用户可以重复哈希运算。
如果你真的需要引入腌制,只是改变了输入流中的可重复的方式,例如:添加一个(有溢出)到每个字节。
I can't see any way to salt a MD5.ComputeHash(Stream). Am I missing some way of injecting bytes into the HashAlgorithm?
I tried performing a ComputeHash(byte[]) before performing the stream compute, but, unsurprisingly, it had no effect. Any ideas (apart from modifying the file)?
Thanks for your time.
addendum Just to be a little more specific, I want to use a stream to get a hash on a large file that I don't want to load into memory.
FileInfo myFI= new FileInfo("bigfile.dat");
FileStream myIFS = piFile.OpenRead();
MD5 md5 = MD5.Create();
byte[] hash = md5.ComputeHash ( myIFS );
myIFS.Close ();
The answer to the lack of examples is in my opinion: you don't really need to salt it.
The hash algorithm like MD5 takes a table of bytes of arbitrary length and converts it to a table of bytes of known length - the operation is not easily reversible and small changes to the input table cause unpredictable changes in the output table:
input => MD5 => output
The purpose of salting is protection against attacks where user has already precomputed table of hash results (rainbow tables). By introducing small changes in the input, the results are change drastically, so even if attacker knows the hash result and the salt, it is very difficult to guess the input:
input + salt => MD5 => output
The reason for hashing files is to compute a checksum. E.g. you publish a file on your web page along with the hash result. User then downloads a file, runs it through MD5 and compares the result with your published result. It would be very difficult to tamper with the file, because each manipulation would change the resulting hash.
Salting is not necessary here, because you would have to publish the salt with the resulting hash, so that the user can repeat the hashing operation.
If you really need to introduce salting, just change the input stream in the repeatable way, e.g. add one (with overflow) to each byte.
这篇关于在流腌制一个C#MD5 ComputeHash的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
