Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.java.security > #54 > unrolled thread
| Started by | "sean" <sean@THRWHITE.remove-dii-this> |
|---|---|
| First post | 2011-04-27 16:07 +0000 |
| Last post | 2011-04-27 16:08 +0000 |
| Articles | 10 — 5 participants |
Back to article view | Back to comp.lang.java.security
MessageDigest Length "sean" <sean@THRWHITE.remove-dii-this> - 2011-04-27 16:07 +0000
Re: MessageDigest Length "Robert Kochem" <robert.kochem@THRWHITE.remove-dii-this> - 2011-04-27 16:07 +0000
Re: MessageDigest Length "Roedy Green" <roedy.green@THRWHITE.remove-dii-this> - 2011-04-27 16:07 +0000
Re: MessageDigest Length "Roedy Green" <roedy.green@THRWHITE.remove-dii-this> - 2011-04-27 16:07 +0000
Re: MessageDigest Length "Maarten Bodewes" <maarten.bodewes@THRWHITE.remove-dii-this> - 2011-04-27 16:08 +0000
Re: MessageDigest Length "Roedy Green" <roedy.green@THRWHITE.remove-dii-this> - 2011-04-27 16:08 +0000
Re: MessageDigest Length "Maarten Bodewes" <maarten.bodewes@THRWHITE.remove-dii-this> - 2011-04-27 16:08 +0000
Re: MessageDigest Length "Roedy Green" <roedy.green@THRWHITE.remove-dii-this> - 2011-04-27 16:08 +0000
Re: MessageDigest Length "Roedy Green" <roedy.green@THRWHITE.remove-dii-this> - 2011-04-27 16:08 +0000
Re: MessageDigest Length "rmoldskr+usenet" <rmoldskr+usenet@THRWHITE.remove-dii-this> - 2011-04-27 16:08 +0000
| From | "sean" <sean@THRWHITE.remove-dii-this> |
|---|---|
| Date | 2011-04-27 16:07 +0000 |
| Subject | MessageDigest Length |
| Message-ID | <dcaa8c53-2b2d-4495-83f6-81e3442f4d8f@i29g2000prf.googlegroups.com> |
To: comp.lang.java.security Does anyone know if there is a way of setting the length of the hashed value returned from a message digest? --- * Synchronet * The Whitehouse BBS --- whitehouse.hulds.com --- check it out free usenet! --- Synchronet 3.15a-Win32 NewsLink 1.92 Time Warp of the Future BBS - telnet://time.synchro.net:24
[toc] | [next] | [standalone]
| From | "Robert Kochem" <robert.kochem@THRWHITE.remove-dii-this> |
|---|---|
| Date | 2011-04-27 16:07 +0000 |
| Message-ID | <f7k1llped7o1.13us8sed7f2um$.dlg@40tude.net> |
| In reply to | #54 |
To: comp.lang.java.security sean@onset.com.au schrieb: > Does anyone know if there is a way of setting the length of the hashed > value returned from a message digest? Sorry, but this does not make sense to me. Each digest algorithm has a specified output length, e.g. MD5 128-Bit, SHA-1 160bit ... Truncating this output may result in collisions and extending the output is also not destined. If you want a deterministic variable length output generated by a given input you should look for a PRNG (Pseudo Random Number Generator) using it's seed as input value. Robert --- * Synchronet * The Whitehouse BBS --- whitehouse.hulds.com --- check it out free usenet! --- Synchronet 3.15a-Win32 NewsLink 1.92 Time Warp of the Future BBS - telnet://time.synchro.net:24
[toc] | [prev] | [next] | [standalone]
| From | "Roedy Green" <roedy.green@THRWHITE.remove-dii-this> |
|---|---|
| Date | 2011-04-27 16:07 +0000 |
| Message-ID | <ou03s350h44unkjk46r4tko76mlnu7dtt6@4ax.com> |
| In reply to | #56 |
To: comp.lang.java.security On Sat, 15 Dec 2007 13:07:47 +0100, Robert Kochem <robert@mailueberfall.de> wrote, quoted or indirectly quoted someone who said : >If you want a deterministic variable length output generated by a given >input you should look for a PRNG (Pseudo Random Number Generator) using >it's seed as input value. see http://mindprod.com/jgloss/digest.html why you would not want to do that. -- Roedy Green Canadian Mind Products The Java Glossary http://mindprod.com --- * Synchronet * The Whitehouse BBS --- whitehouse.hulds.com --- check it out free usenet! --- Synchronet 3.15a-Win32 NewsLink 1.92 Time Warp of the Future BBS - telnet://time.synchro.net:24
[toc] | [prev] | [next] | [standalone]
| From | "Roedy Green" <roedy.green@THRWHITE.remove-dii-this> |
|---|---|
| Date | 2011-04-27 16:07 +0000 |
| Message-ID | <4k03s3t148p3s0esnds18io3e9dedaj337@4ax.com> |
| In reply to | #54 |
To: comp.lang.java.security On Tue, 11 Dec 2007 17:18:45 -0800 (PST), sean@onset.com.au wrote, quoted or indirectly quoted someone who said : >Does anyone know if there is a way of setting the length of the hashed >value returned from a message digest? each algorithm has a standard fixed length. If you want a different length, use a different algorithm. See http://mindprod.com/jgloss/digest.html -- Roedy Green Canadian Mind Products The Java Glossary http://mindprod.com --- * Synchronet * The Whitehouse BBS --- whitehouse.hulds.com --- check it out free usenet! --- Synchronet 3.15a-Win32 NewsLink 1.92 Time Warp of the Future BBS - telnet://time.synchro.net:24
[toc] | [prev] | [next] | [standalone]
| From | "Maarten Bodewes" <maarten.bodewes@THRWHITE.remove-dii-this> |
|---|---|
| Date | 2011-04-27 16:08 +0000 |
| Message-ID | <47e524f6$0$14360$e4fe514c@news.xs4all.nl> |
| In reply to | #54 |
To: comp.lang.java.security sean@onset.com.au wrote: > Does anyone know if there is a way of setting the length of the hashed > value returned from a message digest? There isn't, but in general a good message digest spreads all the information over all the bits of the result. So you can just cut stuff off of the message digest. In protocols, you generally take the first bytes from the returned byte array (e.g. within Key Generation or 4 byte 3DES MAC). Maarten --- * Synchronet * The Whitehouse BBS --- whitehouse.hulds.com --- check it out free usenet! --- Synchronet 3.15a-Win32 NewsLink 1.92 Time Warp of the Future BBS - telnet://time.synchro.net:24
[toc] | [prev] | [next] | [standalone]
| From | "Roedy Green" <roedy.green@THRWHITE.remove-dii-this> |
|---|---|
| Date | 2011-04-27 16:08 +0000 |
| Message-ID | <18ffu3pk481oj53l8r9lo2mup743voi3d5@4ax.com> |
| In reply to | #78 |
To: comp.lang.java.security On Sat, 22 Mar 2008 16:25:42 +0100, Maarten Bodewes <maarten.bodewes@xs4all.nl> wrote, quoted or indirectly quoted someone who said : >> Does anyone know if there is a way of setting the length of the hashed >> value returned from a message digest? There is not much point in generating a 256 bit digest then using only the first 16 bits. You can same yourself considerable CPU cycles by generating a 16 bit digest directly . Just pick an algorithm with the size you want. For a list of algorithms see http://mindprod.com/jgloss/digest.html Short ones are usually called "checksums". -- Roedy Green Canadian Mind Products The Java Glossary http://mindprod.com --- * Synchronet * The Whitehouse BBS --- whitehouse.hulds.com --- check it out free usenet! --- Synchronet 3.15a-Win32 NewsLink 1.92 Time Warp of the Future BBS - telnet://time.synchro.net:24
[toc] | [prev] | [next] | [standalone]
| From | "Maarten Bodewes" <maarten.bodewes@THRWHITE.remove-dii-this> |
|---|---|
| Date | 2011-04-27 16:08 +0000 |
| Message-ID | <47f00ee2$0$14347$e4fe514c@news.xs4all.nl> |
| In reply to | #81 |
To: comp.lang.java.security Roedy Green wrote: > On Sat, 22 Mar 2008 16:25:42 +0100, Maarten Bodewes > <maarten.bodewes@xs4all.nl> wrote, quoted or indirectly quoted someone > who said : > >>> Does anyone know if there is a way of setting the length of the hashed >>> value returned from a message digest? > > There is not much point in generating a 256 bit digest then using only > the first 16 bits. You can same yourself considerable CPU cycles by > generating a 16 bit digest directly . > > Just pick an algorithm with the size you want. For a list of > algorithms see http://mindprod.com/jgloss/digest.html > > Short ones are usually called "checksums". > That's the worst advice I've seen for years. The strength is in the algorithm mostly, not in the length of the value that you use. A CRC does not provide cryptographic security *at all*. Of course, you cannot delete bits without destroying the chances of creating hash collisions, but at least you would not be able to just calculate them. Actually, you should not be posting here if you know this little about cryptography. Regards, Maarten --- * Synchronet * The Whitehouse BBS --- whitehouse.hulds.com --- check it out free usenet! --- Synchronet 3.15a-Win32 NewsLink 1.92 Time Warp of the Future BBS - telnet://time.synchro.net:24
[toc] | [prev] | [next] | [standalone]
| From | "Roedy Green" <roedy.green@THRWHITE.remove-dii-this> |
|---|---|
| Date | 2011-04-27 16:08 +0000 |
| Message-ID | <69ohv31tlkvtmq12npjdc7utd2jdj1i0nk@4ax.com> |
| In reply to | #87 |
To: comp.lang.java.security On Mon, 31 Mar 2008 00:06:26 +0200, Maarten Bodewes <maarten.bodewes@xs4all.nl> wrote, quoted or indirectly quoted someone who said : >Actually, you should not be posting here if you know this little about >cryptography. I did not see any mention of cryptography. -- Roedy Green Canadian Mind Products The Java Glossary http://mindprod.com --- * Synchronet * The Whitehouse BBS --- whitehouse.hulds.com --- check it out free usenet! --- Synchronet 3.15a-Win32 NewsLink 1.92 Time Warp of the Future BBS - telnet://time.synchro.net:24
[toc] | [prev] | [next] | [standalone]
| From | "Roedy Green" <roedy.green@THRWHITE.remove-dii-this> |
|---|---|
| Date | 2011-04-27 16:08 +0000 |
| Message-ID | <hcohv3d4s68armh1ud0fnf3pb7k7dk97lj@4ax.com> |
| In reply to | #87 |
To: comp.lang.java.security On Mon, 31 Mar 2008 00:06:26 +0200, Maarten Bodewes <maarten.bodewes@xs4all.nl> wrote, quoted or indirectly quoted someone who said : >Actually, you should not be posting here if you know this little about >cryptography. If he wants only 16 bits, the purpose is not going to be cryptography. -- Roedy Green Canadian Mind Products The Java Glossary http://mindprod.com --- * Synchronet * The Whitehouse BBS --- whitehouse.hulds.com --- check it out free usenet! --- Synchronet 3.15a-Win32 NewsLink 1.92 Time Warp of the Future BBS - telnet://time.synchro.net:24
[toc] | [prev] | [next] | [standalone]
| From | "rmoldskr+usenet" <rmoldskr+usenet@THRWHITE.remove-dii-this> |
|---|---|
| Date | 2011-04-27 16:08 +0000 |
| Message-ID | <SOudnQjdQeMBsWTanZ2dnUVZ8hednZ2d@giganews.com> |
| In reply to | #87 |
To: comp.lang.java.security Maarten Bodewes <maarten.bodewes@xs4all.nl> wrote: > That's the worst advice I've seen for years. The strength is in the > algorithm mostly, not in the length of the value that you use. No matter what algorithm you use, a single bit digest won't be very secure. -- Leif Roar Moldskred Got Sfik? --- * Synchronet * The Whitehouse BBS --- whitehouse.hulds.com --- check it out free usenet! --- Synchronet 3.15a-Win32 NewsLink 1.92 Time Warp of the Future BBS - telnet://time.synchro.net:24
[toc] | [prev] | [standalone]
Back to top | Article view | comp.lang.java.security
csiph-web