On 02/03/2017 19:28, Alejandro Tejada via use-livecode wrote:
How difficult would be to guess a sha1 digest, if we repeat it many,
many times? Just as Peter Brett wrote in a previous message:
put sha1Digest(sha1Digest(sha1Digest(tData))) -- 3 times!!!!!
Don't do this. It will make it _easier_ to generate collisions, because
each successive iteration loses some information from the input -- i.e.
the scheme you suggest _reduces_ security.
When performing repeated hashing, you need to feed the original data in
again at each stage. See this Stack Overflow answer for a very detailed
The summary is that you need the following formulation to ensure
security for repeated hashing:
put sha1Digest(tData & sha1Digest(tData & sha1Digest(tData)))
Dr Peter Brett <peter.br...@livecode.com>
LiveCode Technical Project Manager
lcb-mode for Emacs: https://github.com/peter-b/lcb-mode
use-livecode mailing list
Please visit this url to subscribe, unsubscribe and manage your subscription