Highest Voted 'hash' Questions - IT Security Stack Exchange

1

vote

1 answer

Hashcat - separator unmatched running pmkid 16800 crack

I'm working on cracking a pmkid file. I have collected pcap file using bettercap. Then convert using this: hcxpcaptool -z bettercap-wifi-handshakes.pcap.pmkid bettercap-wifi-handshakes.pcap They appear to convert: summary: -------- file…

hash hashcat bettercap

asked Apr 07 '19 at 01:05

Jeremy Whittaker

11
1
2

1

vote

1 answer

Schemes for ID obfuscation like Facebook app scoped IDs

After certain privacy concerns Facebook rolled out a bunch of changes to their APIs, one being "scoping" user identifiers per app. In effect, this means that Alice's canonical facebook user ID is never shared through facebook APIs, but each app sees…

encryption hash privacy

asked Mar 30 '19 at 05:14

goralph

111
2

1

vote

3 answers

Hash pepper in web application possible?

I have read a few articles and several question on here about hashing correctly. While hashing, adding salt and especially pepper is primarily a server side use case, I am interested in the possibility to implement (not talking of inventing security…

authentication passwords web-application hash salt

asked Mar 26 '19 at 13:44

user202855

1

vote

2 answers

How long does it take to compute hashes using the MD5 hash algorithm?

1) If one iteration of MD5 takes x seconds, is it safe to assume that n iterations of MD5 takes n * x seconds? 2) Will salted and unsalted versions of md5 hash algorithms take approximately the same amount of time to compute?

hash salt md5 dictionary

asked Mar 11 '19 at 01:36

user9355495

245
3
5

1

vote

1 answer

Is it safe to reuse a user's hashed password as his token in the email confirmation link?

The user password is hashed with bycrypt. According to this answer: bcrypt is not an encryption function, it's a password hashing function, relying on Blowfish's key scheduling, not its encryption. Hashing are mathematical one-way functions,…

passwords hash bcrypt

asked Jan 24 '19 at 02:33

user97744

1

vote

2 answers

Is there any advantage to combining a hash algorithm with a key-derivation function?

Let's assume I would like to secure passwords using a modern KDF such as Argon2. The flow of information would look like this: $hash,$salt = argon2id($password, $salt). Is there any advantage to first hash the password using SHA256/512, like so…

cryptography hash argon2

asked Jan 18 '19 at 11:12

Joe D.

11
2

1

vote

1 answer

Can I identify a hash function with neural network?

Can I use neural network to identify a hash function like sha256? I mean, generate a bunch of hash codes by different hash functions and also labels. Then, feed these codes into a neural network. Will it work?

hash

asked Jan 09 '19 at 03:31

Huayan Sun

11
1

1

vote

0 answers

What is better way of transmitting password input? Plaintext or its hash value?

Let's just say there is a client and a server. The end-user inputs his/her password in the client interface. Then the data will be sent to the server for validation. In terms of security, would it be best to: Transmit the plaintext password to the…

hash

asked Jan 04 '19 at 02:18

Abel Melquiades Callejo

111
3

1

vote

1 answer

Why do some websites have their hashes on the same area as the download link?

Some sites allow us to use hashes to make sure that the file we download is what it should be and that it is not tampered with. Some sites may have their hashes on a different domain probably on a different server other than the one the download…

hash integrity checksum

asked Dec 24 '18 at 02:38

Henry WH Hack v3.0

2,109
2
23
37

1

vote

1 answer

How to crack a list of hashed passwords given their possibilities

I am trying to crack a number of passwords that have been hashed using SHA-256 using some java code. I have the hashes available and I also have the possibilities in which the password can be. Some of these possibilities include, So for example I…

passwords hash java password-cracking

asked Dec 19 '18 at 18:25

kquinn

11
2

1

vote

2 answers

Best way to encrypt a username in a database?

In my database, I would like to encrypt every identifiable piece of information, including the username, such that people with access to the database cannot deduce the actual username (because it could potentially indicate the actual identity of the…

encryption hash

asked Dec 13 '18 at 16:34

HelloWorld

303
2
10

1

vote

3 answers

Are all fields of the PE certificate directory hashed during authenticode signing?

In a Windows portable executable (PE) file the certificate directory points to an offset to a WIN_CERTIFICATE structure. My understanding is that while the field is named bCertificate, it actually contains an array of certificates in ASN.1 format in…

hash windows digital-signature code-signing authenticode

asked Dec 12 '18 at 10:40

Polynomial

132,208
43
298
379

1

vote

2 answers

How to crack a password given its hash and its possibilities

I am trying to crack a number of passwords that have been hashed using SHA-256. I have the hashes available and I also have the possibilities in which the password can be. Some of these possibilities include; a lower case English word a simple…

passwords hash password-cracking

asked Dec 10 '18 at 17:13

user193292

11
1
2

1

vote

0 answers

Recomended hash algorithm

Possible Duplicate: How to securely hash passwords? Do any security experts recommend bcrypt for password storage? What would you choose between: PBKDF2 SHA256 (270,000 iterations) bcrypt (12, 13 or 14 cost: 1-2 seconds) scrypt: I don't know if…

hash bcrypt pbkdf2 scrypt sha2

asked Sep 07 '12 at 16:00

Surfer on the fall

787
3
8
17

1

vote

1 answer

I know salt and hash(password + salt), how do I get hash(password)?

...If it's possible at all. By hash I mean md5, sha1, sha256. And how difficult is it? I mean, if it's possible mathematically, are there any tools around?

hash

asked Nov 29 '18 at 12:20

George Sovetov

121
4

Questions tagged [hash]