Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.java.programmer > #18821 > unrolled thread

get hexadecimal hash string for a number

Back to article view | Back to comp.lang.java.programmer

Contents

  get hexadecimal hash string for a number Magnus Warker <magnux@mailinator.com> - 2012-09-18 18:25 +0200
    Re: get hexadecimal hash string for a number markspace <-@.> - 2012-09-18 10:08 -0700
      Re: get hexadecimal hash string for a number Lew <lewbloch@gmail.com> - 2012-09-18 10:14 -0700
      Re: get hexadecimal hash string for a number Arne Vajhøj <arne@vajhoej.dk> - 2012-09-18 19:58 -0400
        Re: get hexadecimal hash string for a number markspace <-@.> - 2012-09-18 17:27 -0700
          Re: get hexadecimal hash string for a number Arne Vajhøj <arne@vajhoej.dk> - 2012-09-18 21:17 -0400
          Re: get hexadecimal hash string for a number Arne Vajhøj <arne@vajhoej.dk> - 2012-09-18 21:21 -0400
        Re: get hexadecimal hash string for a number Magnus Warker <warker@mailinator.com> - 2012-09-19 08:27 +0200
          Re: get hexadecimal hash string for a number Arne Vajhøj <arne@vajhoej.dk> - 2012-09-19 18:30 -0400
          Re: get hexadecimal hash string for a number Kevin McMurtrie <mcmurtrie@pixelmemory.us> - 2012-09-19 19:06 -0700
            Re: get hexadecimal hash string for a number Magnus Warker <warker@mailinator.com> - 2012-09-20 11:32 +0200
    Re: get hexadecimal hash string for a number Lew <lewbloch@gmail.com> - 2012-09-18 10:10 -0700
      Re: get hexadecimal hash string for a number Arne Vajhøj <arne@vajhoej.dk> - 2012-09-18 20:02 -0400
      Re: get hexadecimal hash string for a number Magnus Warker <warker@mailinator.com> - 2012-09-19 08:18 +0200
    Re: get hexadecimal hash string for a number Roedy Green <see_website@mindprod.com.invalid> - 2012-09-18 10:23 -0700
      Re: get hexadecimal hash string for a number Arne Vajhøj <arne@vajhoej.dk> - 2012-09-18 20:00 -0400
    Re: get hexadecimal hash string for a number Arne Vajhøj <arne@vajhoej.dk> - 2012-09-18 20:06 -0400
      Re: get hexadecimal hash string for a number markspace <-@.> - 2012-09-18 17:30 -0700
        Re: get hexadecimal hash string for a number Arne Vajhøj <arne@vajhoej.dk> - 2012-09-18 21:07 -0400
    Re: get hexadecimal hash string for a number Kevin McMurtrie <mcmurtrie@pixelmemory.us> - 2012-09-18 22:50 -0700
    Re: get hexadecimal hash string for a number Leif Roar Moldskred <leifm@dimnakorr.com> - 2012-09-19 01:06 -0500
    Re: get hexadecimal hash string for a number rossum <rossum48@coldmail.com> - 2012-09-19 17:34 +0100
      Re: get hexadecimal hash string for a number Magnus Warker <warker@mailinator.com> - 2012-09-20 11:30 +0200
        Re: get hexadecimal hash string for a number rossum <rossum48@coldmail.com> - 2012-09-21 12:48 +0100
          Re: get hexadecimal hash string for a number Lew <lewbloch@gmail.com> - 2012-09-21 10:15 -0700
            Re: get hexadecimal hash string for a number Magnus Warker <warker@mailinator.com> - 2012-09-26 06:11 +0200
              Re: get hexadecimal hash string for a number Arne Vajhøj <arne@vajhoej.dk> - 2012-09-26 09:29 -0400
                Re: get hexadecimal hash string for a number Gene Wirchenko <genew@ocis.net> - 2012-09-26 09:18 -0700
        Re: get hexadecimal hash string for a number markspace <-@.> - 2012-09-21 10:56 -0700
          Re: get hexadecimal hash string for a number Magnus Warker <warker@mailinator.com> - 2012-09-26 06:12 +0200
        Re: get hexadecimal hash string for a number Arne Vajhøj <arne@vajhoej.dk> - 2012-09-23 20:57 -0400

Page 2 of 2 — ← Prev page 1 [2]

#18843

Magnus Warker <magnux@mailinator.com> wrote:
> Hi,
> 
> I want users to register on a site and send confirmation emails to them. 
> These emails should contain a link like this:
> 
> http://myurl?registration=E4AC4BD4
> 
> Here, "E4AC4BD4" should be a unique string. My idea for such a string is 
> just to hash an integer, i. e. the internal database key for the 
> registration record.

What technologies are you using to build your website with? Check if
there is built-in support for this functionality.

-- 
Leif Roar Moldskred

[toc] | [prev] | [next] | [standalone]

#18851

On Tue, 18 Sep 2012 18:25:12 +0200, Magnus Warker
<magnux@mailinator.com> wrote:

>Hi,
>
>I want users to register on a site and send confirmation emails to them. 
>These emails should contain a link like this:
>
>http://myurl?registration=E4AC4BD4
>
>Here, "E4AC4BD4" should be a unique string. My idea for such a string is 
>just to hash an integer, i. e. the internal database key for the 
>registration record.
>
>However, I actually don't know how to get such a hash. I tried BCrypt, 
>but this produces hashes built out of characters that I would not want 
>to be in a URL, e. g. commatas and that.
>
>I would like to have a string like this:
>
>- hexadecimal only
>- fixed size, e. g. always n characters, independend of the integer
>
>Can you help?
>
>Thank you!
>
>Magnus
As has been pointed out, integers are already unique.  Just decide on
a large enough fixed size and zero pad the small numbers:
0000000000001

If you want to disguise the actual number you are using, which is what
I take your mention of "hash" to mean, then you need an encryption.
Each unique input gives a unique output.  It has to be unique,
otherwise you couldn't decrypt it reliably.

For 64 bit numbers, just use DES and encrypt the numbers 0, 1, 2, 3,
... n in turn.  For 128 bits use AES.

If you want to use a size other than 64 or 128 bits then have a look
at Hasty Pudding cypher, which can be set for any desired bit size.

Again, you will need to be sure that your chosen bit size will
acommodate enough users, with plenty to spare for keeping the gaps
numerous enough.

rossum

[toc] | [prev] | [next] | [standalone]

#18859

> As has been pointed out, integers are already unique.  Just decide on
> a large enough fixed size and zero pad the small numbers:
> 0000000000001

> If you want to disguise the actual number you are using, which is what
> I take your mention of "hash" to mean, then you need an encryption.
> Each unique input gives a unique output.  It has to be unique,
> otherwise you couldn't decrypt it reliably.

What about Kevin's posting? He noted that encrypting sequential numbers 
would reveal the encryption key?

> For 64 bit numbers, just use DES and encrypt the numbers 0, 1, 2, 3,
> ... n in turn.  For 128 bits use AES.

Could you please explain this? I haven't used encryption in Java, but I 
would expect that the encryption method should be independend of the 
size of the data to encrypt?

> Again, you will need to be sure that your chosen bit size will
> acommodate enough users, with plenty to spare for keeping the gaps
> numerous enough.

Well, I would simply choose the size of SQL standard integer (64)...

Magnus

-- 
This is Unix-Land. In quiet nights, you can hear the Windows machines 
reboot.

[toc] | [prev] | [next] | [standalone]

#18875

On Thu, 20 Sep 2012 11:30:26 +0200, Magnus Warker
<warker@mailinator.com> wrote:

>> As has been pointed out, integers are already unique.  Just decide on
>> a large enough fixed size and zero pad the small numbers:
>> 0000000000001
>
>> If you want to disguise the actual number you are using, which is what
>> I take your mention of "hash" to mean, then you need an encryption.
>> Each unique input gives a unique output.  It has to be unique,
>> otherwise you couldn't decrypt it reliably.
>
>What about Kevin's posting? He noted that encrypting sequential numbers 
>would reveal the encryption key?
Not with a secure encryption scheme.  Knowing the plaintext gives a
'known plaintext attack'.  Both DES and AES can resist known plaintext
attacks.

>
>> For 64 bit numbers, just use DES and encrypt the numbers 0, 1, 2, 3,
>> ... n in turn.  For 128 bits use AES.
>
>Could you please explain this? I haven't used encryption in Java, but I 
>would expect that the encryption method should be independend of the 
>size of the data to encrypt?
DES and AES are block cyphers.  DES uses a 64 bit block while AES uses
a 128 bit block.  Any plaintext is padded to the next block and the
resulting cyphertext is always an exact number of blocks.  If you are
encrypting 64 bit numbers, then use DES with no padding (since you
already have a full block).  If you used AES for a 64 bit input then
you would get a 128 bit output.  You could truncate it, but then there
is no guarantee of uniqueness.  A block cypher is a keyed one-to-one
mapping between blocks, or is can be seen as a keyed permutation of
blocks.

For variable sized cyphertext output you would need a stream cypher.
However, I would not suggest that as you will need a different
key/nonce for every number that you encrypt.  Reusing a key/nonce is a
big mistake when using stream cyphers.

Hasty Pudding cypher can be used with different block sizes, though it
is not common in crypto libraries.  DES and AES are present in all
crypto libraries.

>
>> Again, you will need to be sure that your chosen bit size will
>> acommodate enough users, with plenty to spare for keeping the gaps
>> numerous enough.
>
>Well, I would simply choose the size of SQL standard integer (64)...
>
>Magnus

[toc] | [prev] | [next] | [standalone]

#18882

rossum wrote:
> Magnus Warker wrote:
>> What about Kevin's posting? He noted that encrypting sequential numbers 
>> would reveal the encryption key?
> 
> Not with a secure encryption scheme.  Knowing the plaintext gives a
> 'known plaintext attack'.  Both DES and AES can resist known plaintext
> attacks.
>
>> Could you please explain this? I haven't used encryption in Java, but I 
>> would expect that the encryption method should be independend of the 
>> size of the data to encrypt?

> DES and AES are block cyphers.  DES uses a 64 bit block while AES uses
> a 128 bit block.  Any plaintext is padded to the next block and the
> resulting cyphertext is always an exact number of blocks.  If you are
> encrypting 64 bit numbers, then use DES with no padding (since you
> already have a full block).  If you used AES for a 64 bit input then
> you would get a 128 bit output.  You could truncate it, but then there
> is no guarantee of uniqueness.  A block cypher is a keyed one-to-one
> mapping between blocks, or is can be seen as a keyed permutation of
> blocks.
> 
> For variable sized cyphertext output you would need a stream cypher.
> However, I would not suggest that as you will need a different
> key/nonce for every number that you encrypt.  Reusing a key/nonce is a
> big mistake when using stream cyphers.
> 
> Hasty Pudding cypher can be used with different block sizes, though it
> is not common in crypto libraries.  DES and AES are present in all
> crypto libraries.

Magnus, you need to understand how Usenet works.

You are not going to learn all about cryptography by asking here. Best people 
here can do for you is point you to research areas.

If you aren't googling like crazy over every keyword rossum fed you, then you 
are missing all the value offered.

Study. Don't expect to be spoon-fed everything you need to know, especially not 
here.

-- 
Lew

[toc] | [prev] | [next] | [standalone]

#18937

On 09/21/2012 07:15 PM, Lew wrote:
> rossum wrote:
>>  Magnus Warker wrote:

>>  Hasty Pudding cypher can be used with different block sizes, though it
>>  is not common in crypto libraries.  DES and AES are present in all
>>  crypto libraries.
>
> Magnus, you need to understand how Usenet works.

Lew, when looking at your posts it seems that you don't understand what 
Usenet is for. I want to talk, you just want to flame. It seems that you 
have serious problems with yourself.

PLONK!

Magnus

-- 
This is Unix-Land. In quiet nights, you can hear the Windows machines 
reboot.

[toc] | [prev] | [next] | [standalone]

#18944

On 9/26/2012 12:11 AM, Magnus Warker wrote:
> On 09/21/2012 07:15 PM, Lew wrote:
>> rossum wrote:
>>>  Magnus Warker wrote:
>
>>>  Hasty Pudding cypher can be used with different block sizes, though it
>>>  is not common in crypto libraries.  DES and AES are present in all
>>>  crypto libraries.
>>
>> Magnus, you need to understand how Usenet works.
>
> Lew, when looking at your posts it seems that you don't understand what
> Usenet is for. I want to talk, you just want to flame. It seems that you
> have serious problems with yourself.
>
> PLONK!

I suggest reconsidering.

Lew has a special style of communication.

But even though it can sound harsh, then in most cases
there are a very valid point in the message.

Arne

[toc] | [prev] | [next] | [standalone]

#18950

On Wed, 26 Sep 2012 09:29:20 -0400, Arne Vajhøj <arne@vajhoej.dk>
wrote:

>On 9/26/2012 12:11 AM, Magnus Warker wrote:
>> On 09/21/2012 07:15 PM, Lew wrote:
>>> rossum wrote:
>>>>  Magnus Warker wrote:
>>
>>>>  Hasty Pudding cypher can be used with different block sizes, though it
>>>>  is not common in crypto libraries.  DES and AES are present in all
>>>>  crypto libraries.
>>>
>>> Magnus, you need to understand how Usenet works.
>>
>> Lew, when looking at your posts it seems that you don't understand what
>> Usenet is for. I want to talk, you just want to flame. It seems that you
>> have serious problems with yourself.
>>
>> PLONK!
>
>I suggest reconsidering.
>
>Lew has a special style of communication.

     Yes, and Magnus seems to have covered it nicely.

>But even though it can sound harsh, then in most cases
>there are a very valid point in the message.

     It *is* harsh.  There often is a valid point, but it can be
difficult telling what it is at times as antagonistic communication
tends to have details dropped out.  Some posts, I have been glad that
I was not the one with the problem, because I would not be able to do
much with Lew's answer.

     I have considering killfiling him myself.

Sincerely,

Gene Wirchenko

[toc] | [prev] | [next] | [standalone]

#18888

On 9/20/2012 2:30 AM, Magnus Warker wrote:
>
>> For 64 bit numbers, just use DES and encrypt the numbers 0, 1, 2, 3,
>> ... n in turn.  For 128 bits use AES.
>
> Could you please explain this? I haven't used encryption in Java, but I
> would expect that the encryption method should be independend of the
> size of the data to encrypt?
>


It's really too complicated to do here.  C.f.:

<http://www.wrox.com/WileyCDA/WroxTitle/Beginning-Cryptography-with-Java.productCd-0764596330.html>


That is a really good book on using the crypto package in Java for 
anyone, beginner or advanced, btw.  Two thumbs up from me.  If you are 
100% conversant with Java's cryptography, get that book, it will teach 
you something.

[toc] | [prev] | [next] | [standalone]

#18938

On 09/21/2012 07:56 PM, markspace wrote:
> On 9/20/2012 2:30 AM, Magnus Warker wrote:

> <http://www.wrox.com/WileyCDA/WroxTitle/Beginning-Cryptography-with-Java.productCd-0764596330.html>
Thanks!


-- 
This is Unix-Land. In quiet nights, you can hear the Windows machines 
reboot.

[toc] | [prev] | [next] | [standalone]

#18901

On 9/20/2012 5:30 AM, Magnus Warker wrote:
>> As has been pointed out, integers are already unique.  Just decide on
>> a large enough fixed size and zero pad the small numbers:
>> 0000000000001
>
>> If you want to disguise the actual number you are using, which is what
>> I take your mention of "hash" to mean, then you need an encryption.
>> Each unique input gives a unique output.  It has to be unique,
>> otherwise you couldn't decrypt it reliably.
>
> What about Kevin's posting? He noted that encrypting sequential numbers
> would reveal the encryption key?

That type of attack is called a known plaintext attack. The most
common symmetric encryption algorithm AES should not be vulnerable
to that.

But as previous stated then I only consider that second best solution.

>> For 64 bit numbers, just use DES and encrypt the numbers 0, 1, 2, 3,
>> ... n in turn.  For 128 bits use AES.
>
> Could you please explain this? I haven't used encryption in Java, but I
> would expect that the encryption method should be independend of the
> size of the data to encrypt?

DES operates on 8 byte blocks and AES on 16 byte blocks.

For data that is not a multipla of that padding is required.

But I would suggest AES and padding.

>> Again, you will need to be sure that your chosen bit size will
>> acommodate enough users, with plenty to spare for keeping the gaps
>> numerous enough.
>
> Well, I would simply choose the size of SQL standard integer (64)...

In many databases INTEGER is only 32 bit.

64 bit is called BIGINT or something similar.

Arne

[toc] | [prev] | [standalone]

Page 2 of 2 — ← Prev page 1 [2]

Back to top | Article view | comp.lang.java.programmer

csiph-web