PC-Admin/redlight
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
dfb6c4477c
redlight/notes/hashing.md

2.7 KiB
Raw Blame History

Hashing room_ids

Possible Options

SHA-2 Family: SHA-512, which you mentioned, belongs to this family. Other members include SHA-256, SHA-384, and more. They are widely used and are currently considered secure.

SHA-3: This is the successor to SHA-2 and was standardized by NIST (U.S. National Institute of Standards and Technology) in 2015. SHA-3 is not a modification of SHA-2 but is derived from a cryptographic primitive called Keccak.

BLAKE2: An alternative to MD5 and SHA-2/3, it's considered high-speed and secure. There's also a successor, BLAKE3, which is even faster and maintains a high-security level.

Whirlpool: This is a cryptographic hash function that produces a 512-bit hash. It has undergone a few revisions and is currently considered secure.

RIPEMD-160: While it produces a shorter hash (160 bits), it's still considered reasonably secure and is used in certain applications like Bitcoin.

Argon2: Though not a general-purpose hash function like the others, Argon2 is notable as a memory-hard password hashing function. It's designed to be resistant against GPU-based attacks and is the winner of the Password Hashing Competition in 2015.

Testing

$ time (echo -n '!OEedGOAXDBahPyWMSQ:example.com' | sha512sum | cut -d ' ' -f1 | xargs echo -n | sha512sum)
d5e0b4e8ee49f16b353be2320aa998f2973506e0dccfe9d377d460253e9a6b98966d9d959dfa1501a33a7781eb4cc18eab1cbf03ba3c0fbe98979aa5f163abc7  -

real	0m0.003s
user	0m0.004s
sys	0m0.002s

$ sudo apt install rhash
$ time echo -n '!OEedGOAXDBahPyWMSQ:example.com' | rhash --sha3-512 - 
1eb131ffdd0384fee5465cb3ef10ac95d9cd20e1de0e1b56475c44df095c20b61602de183f0fc0cec49d7e291d06b5169f0134e45923ab5814c42f57353dbb8b  (stdin)

real	0m0.002s
user	0m0.003s
sys	0m0.000s

 time echo -n '!kfGzEsVtwINSAPopXA:perthchat.org' | b2sum
39d97ad8ce613c2afb900d02318552596a619829847ce6abf1b8cda945c358a8e0d3306d8329481cd008e7f97aac275544b715a7a755c1df76a08a1b4ff665a2  -

real	0m0.002s
user	0m0.003s
sys	0m0.000s

$ time echo -n '!kfGzEsVtwINSAPopXA:perthchat.org' | b2sum --length=256
db3ea6a5e44165d3f0d5edaf3ed1c99bee738afcd2a50ddf8a29908719851c65  -

real	0m0.002s
user	0m0.003s
sys	0m0.000s

$ time echo -n '!zWTEwEwdqIvmcJpytH:perthchat.org' | sha256sum -b | cut -d ' ' -f1 | xxd -r -p | sha256sum
962c56a12d861d1921073916db9a1fb47ccc7887d3199690f1de156e57cac709  -

real	0m0.002s
user	0m0.005s
sys	0m0.001s

$ time echo -n '!OEedGOAXDBahPyWMSQ:example.com' | argon2 '!OEedGOAXDBahPyWMSQ:example.com' -e
$argon2i$v=19$m=4096,t=3,p=1$IU9FZWRHT0FYREJhaFB5V01TUTpleGFtcGxlLmNvbQ$eKyknS5nxj85Xcf3HbxGSwIndauticKczRzx03VEL8A

real	0m0.020s
user	0m0.013s
sys	0m0.008s

Final Choice

BLAKE2 since it has shorter output and it supported by Python's built in libraries it seems ideal?