Highest Voted 'sha2' Questions - IT Security Stack Exchange

2

votes

1 answer

How difficult it is to solve a salt if knowing the original data and the hash output that uses the SHA-2 algorithm

I am reading the documentation for Kentico where it describes using hashes to validate query…

hash salt sha2

asked Apr 18 '14 at 20:11

Andrey

123
3

2

votes

2 answers

Does sending two different hashes of the same password reduce security?

I'm updating a login system. The password is sent to the server as SHA512(password + long_string). I want to switch this to something like SHA512(username + password) in the future. By doing that I don't need to add "please login again" dialogs when…

hash sha2

asked Jan 19 '14 at 18:10

cmpxchg8b

123
3

2

votes

1 answer

Reversing a block hash of SHA-1 with known Plaintext?

Is it possible to reverse the hashing of a block in a Datastream fed to an SHA1 if the plaintext for that block is known? If it is not possible (which I assume) does it make attacks to retrieve the state easier? An example what I'm trying to figure…

hash sha sha256 sha2 known-plaintext-attack

asked Oct 29 '13 at 23:03

Patrick Huy

123
4

2

votes

0 answers

Add additional rounds on existing SHA-512 salted hashes without knowing clear text password?

Assuming you have a salted SHA-512 password hash with 5000 rounds. For example: {CRYPT}$6$rounds=5000$6835c5dcf0bb7310$hVod/jy7uONMSa.FVpLHb/2OrWpAj3lB/.RWdvgd3YaQAnzN3rorGhaziswwGsHfOWZYkLwXhHKnCy5By2CKr0 Could one add more rounds (e.g. another…

passwords hash sha2

asked Jul 05 '19 at 15:09

LuHa

31
3

2

votes

3 answers

Are Salt strings stored by application?

1) As storing passwords in plain text in databases are not secure and so is not a good practice. password stored in db = "abcde" (plain text) 2) To avoid this, passwords are stored after being hashed using some reliable hashing techniques like…

passwords password-cracking salt scrypt sha2

asked Jul 22 '17 at 05:03

joven

151
1

2

votes

0 answers

SHA 1 Interemediate Signer for a SHA2 Personal Certificate

I came across a certificate that has a signer that is SHA1 but it is a SHA2 certificate. Is this actually allowed or is did the CA screw up ? Would it work with a TLS 1.2 negotiation?

tls sha2

asked Mar 09 '17 at 21:58

Thomas Cosenza

21
1

2

votes

3 answers

Rounds in a hashing function

First of all, Hello! I'm new to the site, don't know any english equivalent to "yoroshiku". So, I was reading the SHA-512crypt generator documentation and found the part: The default number of rounds for both algorithms is 5,000. To ensure …

hash sha2

asked Jan 24 '17 at 16:15

WOkzinhan

21
1
2

2

votes

2 answers

Is a SHA-256 signature required on a CSR in order to generate a certificate with SHA-256 signature?

I've heard conflicting statements about this from certificate authorities and security groups and would like to confirm: Is a SHA-256 signature required on a CSR in order to generate a signed certificate with SHA-256 signature? I thought it wasn't…

sha sha2

asked Nov 20 '15 at 21:31

Mike B

3,336
4
29
39

1

vote

1 answer

Issue regarding installation of SHA256 scertificate

Can anyone help me with the installation of SHA256 certificate? I have generated the certificate perfectly but there seems to be an error below: Kindly let me know why am getting the exclamation mark in the yellow triangular box at the Key Usage…

tls sha sha256 sha2

asked Jun 30 '15 at 12:46

gowri kaushik

13
2

1

vote

2 answers

iOS, Android, and OS X SHA-2 support (in the context of SSL/TLS certificates)

As there is currently a move away from SHA-1 being used as part of TLS, we're examining moving our SSL certificates, used to protected traffic in transit to/from our webservers, to use SHA-2. However, I'm having trouble finding information on client…

tls client-side client sha2

asked Jan 31 '14 at 17:41

Josh

131
1
5

1

vote

0 answers

Recomended hash algorithm

Possible Duplicate: How to securely hash passwords? Do any security experts recommend bcrypt for password storage? What would you choose between: PBKDF2 SHA256 (270,000 iterations) bcrypt (12, 13 or 14 cost: 1-2 seconds) scrypt: I don't know if…

hash bcrypt pbkdf2 scrypt sha2

asked Sep 07 '12 at 16:00

Surfer on the fall

787
3
8
17

1

vote

1 answer

How many possibilities can today's computers check (per second) in a SHA512 hash of a 50-byte-long random entry?

The problem I want to avoid is "brute force" attacks against a database. So if I add a 50-byte-long cryptographically random salt to my information (which I don't need to retrieve, just its hash) - is it secure enough? I know the answer is inexact -…

hash brute-force sha2

asked Aug 06 '12 at 14:30

ispiro

773
1
7
18

1

vote

1 answer

What is the application of SHA384withRSAEncryption?

I am trying to understand the application of SHA384withRSAEncryption. SHA-384 is a message digest algorithm and RSA is used for public key cryptography (secure communication). RSA involves a public private key pair, so there are 2 ends of…

sha2

asked Jul 20 '12 at 17:47

Neon Flash

929
2
11
17

1

vote

0 answers

How Secure Would Client Side Sha-512 Be In JavaScript

I've created an Capture The Flag challenge for me and a few of my mates, and for the final challenge, you're goal is to log in as admin to a site. Now the site doesn't use any server side languages (since it's purposely insecure and I'd rather not…

encryption javascript sha client-side sha2

asked Sep 15 '17 at 21:14

The Gamer King

37
5

1

vote

1 answer

Extra PBKDF2 characters in SHA-512 output

I was using hash_pbkdf2 earlier today when I noticed something strange. The normal way to generate a hash is to output the entire string like the code below which outputs a 128 character string (128 chars, 4 bit each, 512bit total): echo…

hash php sha sha2

asked Dec 19 '16 at 22:32

Aedazan

134
8

Questions tagged [sha2]