Gary Ackerman

Hashing is an Integrity control that helps ensure data has not been tampered with. It provides a unique digital fingerprint for verification. #Hashing

Habr

Merkle-tree: Как проверить целостность данных без полного доступа?

Хэширование — простой и надёжный способ проверить целостность данных. Но как быть, если нужно удостовериться, что часть данных принадлежит определённому набору ? Например, проверить отдельную транзакцию в блоке Bitcoin или чанк файла в BitTorrent? Для этого используется уникальная структура данных — Merkle-tree . В этой статье вы узнаете, как с её помощью решать задачи проверки данных без доступа к их полному объёму.

habr.com/ru/articles/873718/

#merkleproof #merkle_tree #merkle_patricia_tree #blockchain #bitcoin #bittorrent #hash #hashing #distributed_systems #guide

Merkle-tree: Как проверить целостность данных без полного доступа?

Когда речь заходит о проверке целостности и неизменяемости…

Хабр
GripNews

🌘 ChibiHash:小型、快速的64位雜湊函式
➤ 適合非加密需求的小型快速雜湊函式
nrk.neocities.org/articles/chi
ChibiHash是一個小巧且快速的64位雜湊函式,具有良好的品質、可攜性和不涉及加密。該函式效能優異,適合處理大量字符串,是非加密64位雜湊需求的不錯選擇。
+ 新的雜湊函式看起來相當吸引人,尤其對於處理大量資料的需求。
+ 簡潔而高效的函式設計,對於一些特定應用場景可能會很有用。
#[ c #hashing ]

ChibiHash: Small, Fast 64 bit hash function

nrk.neocities.org
Genomicalist 🧬🦠🧫👩‍💻

Saying that blockchains are inherently bad is like saying that knifes are inherently bad.
Yes, they can be used for bad things. But also good things: Just consider Torvald's Git software version control implementation.

#blockchain #hashing #git

Oct 25, 2024, 09:02 · · · 0 · 0
Royce Williams

So ... due to an early obsession with historical BSD hashes ... I have significantly more bcrypt hashrate-per-watt cracking capacity than most solo shops. For bcrypt cost 12, it's about 34Kh/s straight wordlist -- the equivalent of about 17 4090s -- at only 1100W (these old Bitcoin FPGAs are very efficient for bcrypt specifically). And this capacity is intermittently idle, which is kinda a shame.

I haven't really put it out there as something I can help with if needed (outside of the Hashcat team). So ... feel free to ping me if you need bcrypts cracked/audited!

(Reasonable rates, but note that I do have a pretty firmly high bar for provenance / proof of authorization)

(Rat's nest of USB has been cleaned up a bit 😅)

#bcrypt #PasswordCracking #hashing

Oct 06, 2024, 02:27 · · · 0 · 0
JMLR

'Random measure priors in Bayesian recovery from sketches', by Mario Beraha, Stefano Favaro, Matteo Sesia.

jmlr.org/papers/v25/23-1058.ht

#hashing #priors #prior

Royce Williams

When a target hashlist has a significantly lower percentage of cracks than expected, I've started calling the remaining/missing cracks "dark matter".

Some potential causes of cracking "dark matter":

site changed methodologies later: switched to a nested hash, added a pepper, etc.
significant number of accounts with automatically generated random-ish passwords (defaults, resets, bots, etc.)
attacker (me) is missing key info: language, encoding, demographics, etc.

What could other causes be?

#Hashing #PasswordCracking

Kevin Karhan :verified:

@lea @lunch I mean, I could understand if for #FAT32 they'd set it to just below 2GiB per file since that's it's maximum.

So yes, we should refuse to accomondate FAT32 or any other legacy filesystem of that matter because even #ext2 supports 16GiB file size at the bare minimum...

As I'm confident that 2012 low-end CPU didn't even have hardware-acceleration, and #hashing on #BitTorrent is solely done to prevent bitflips and enshure it's complete as malicious attacks like #HashCollisions on a torrent are rare and would likely fail due to exceeding the file size as per metadata...

File Allocation Table - Wikipedia

en.wikipedia.org
Habr

SSDeep и все-все-все

Для систем класса анализа внешней поверхности атак (External Attack Surface Management, EASM), непрерывно перелопачивающих обширное пространство Интернета, способность эффективно выявлять повторяющийся или тесно связанный контент имеет важное значение. Для решения этой задачи мы в СайберОК интегрировали в СКИПА различные механизмы от тривиальных регэкспов до больших языковых моделей (LLM, Large Language Model). В этой статье мы рассмотрим один из подобных трюков – использование нечеткого хеширования (fuzzy-hashing aka similarity hashing).

habr.com/ru/companies/cyberok/

#ssdeep #easm #hashing #хеширование

SSDeep и все-все-все

Введение Для систем класса анализа внешней поверхности…

habr.com
John M. Gamble

I've just learned of the term "Gematria" (I knew of the technique, I just didn't know it had a specialized name) and numerology aside, I wondered, "Could this be considered the first #Hashing algorithm?"

#HashingAlgorithm

en.m.wikipedia.org/wiki/Gematr

Gematria - Wikipedia

en.m.wikipedia.org
Royce Williams

Prompted by a recent conversation, a short, living list of password-length breakpoints relative to hashes, in bytes:

7 - Max length of the first and second halves of an LM password. This means that any LM password, regardless of length and composition, can be cracked in under five minutes on modern gear.

8 - Max length of a descrypt password. Can be fully exhausted on prosumer gear in a couple of days (worst case)

14 - Max "length" of an LM password (even though it's really two 7-char passwords)

15 - Length at which LM password default will be ignored, and the hash will be forced to be NTLM

72 - Max length of a bcrypt password

What am I missing? (Will merge any validated replies)

#passwordcracking #hashing

Shane

Encryption is two way.

Hashing is one way.

Laravel has built in support for hashing and encryption.

But how safe is that, really? Someone in your organisation might still be able to access that information.

Consider where keys are stored & who has access to those keys.

If you have valuable information you will be hacked. Eventually. Whether you know it or not.

#laravel #laracon #laraconau #encryption #php #hashing