On 02/03/2017 19:28, Alejandro Tejada via use-livecode wrote:
How difficult would be to guess a sha1 digest, if we repeat it many,
many times? Just as Peter Brett wrote in a previous message:

put sha1Digest(sha1Digest(sha1Digest(tData))) -- 3 times!!!!!

Don't do this. It will make it _easier_ to generate collisions, because each successive iteration loses some information from the input -- i.e. the scheme you suggest _reduces_ security.

When performing repeated hashing, you need to feed the original data in again at each stage. See this Stack Overflow answer for a very detailed explanation: https://stackoverflow.com/a/17396367/266449

The summary is that you need the following formulation to ensure security for repeated hashing:

    put sha1Digest(tData & sha1Digest(tData & sha1Digest(tData)))
    -- etcetera.


Dr Peter Brett <peter.br...@livecode.com>
LiveCode Technical Project Manager

lcb-mode for Emacs: https://github.com/peter-b/lcb-mode

use-livecode mailing list
Please visit this url to subscribe, unsubscribe and manage your subscription 

Reply via email to