Is there an idempotent hash function? -


is there hash function idempotent? know md5 , sha256 not:

$ echo -n "hello world" | md5sum 5eb63bbbe01eeed093cb22bb8f5acdc3  - $ echo -n "5eb63bbbe01eeed093cb22bb8f5acdc3" | md5sum c0b0ef2d0f76f0133b83a9b82c1c7326  -  $ echo -n "hello world" | sha256sum b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9  - $ echo -n "b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9" | sha256sum 049da052634feb56ce6ec0bc648c672011edff1cb272b53113bbc90a8f00249c  -

is there hash algorithm can this?

$ echo -n "hello world" | idempotentsum abcdef1234567890 $ echo -n "abcdef1234567890" | idempotentsum abcdef1234567890

if such algorithm exist, useful cryptographically? i.e. reasonable inputs, computationally infeasible guess input known output?

if such algorithm not exist, not exist because nobody has bothered find or mathematical impossibility?

context

i'm working on system user may want save password in password manager. particularly paranoid user may prefer save password in hashed form rather in plain text. i'd user able authenticate hashed password. rather trying authentication twice (once assuming user's password hashed , once assuming not), wondered if there algorithm let me once.

i know there alternative ways of allowing users store authentication tokens rather plain-text passwords. idea popped head, , curious. couldn't find on google or so.

edit: not suggesting allowing user authenticate hashed password means ok server not salt/hash password. server must still salt/hash original password or client-side hashed password.

edit: not suggesting allowing user log in client-side hashed password genuine security improvement. far know possible benefit add if user used password more 1 purpose. in case, if user's hashed password discovered attacker, access service compromised rather services sharing password. however, best practice not use same password multiple services.

if such algorithm exist, useful cryptographically?

well, consider this: hash typically map between 2 sets:

a -> b

where b set of possible hashes, , set of things hashable.

now, bigger b -- hashes shorter "checksums" can calculated larger streams of data. typically, you'd still want little collisions possible in hash, meaning statistically, elements b should have same number of elements map them, , elements map same element in b should "far away" each other under metric. implies, b tries hard possible whole set of words of constant length. immensely harder find systematic function that, still maps each element b same element in b; "enforce" collision. in general, that's cryptographic weakness, , serious 1 @ that.

now, considering password case: don't see how make sense. it's cryptographically bad idea let user authenticate either his/her hashed password or in plain, because no matter you'd do, you'd give away full information on how forge authentication eavesdroppers.


Comments

Post a Comment

Popular posts from this blog

asp.net mvc - SSO between MVCForum and Umbraco7 -

i need integrate sso between mvcforum (forum of company) , umbraco7 (manages cms company). however struggling shared authentication work. tried several ways suggested on other threads still not running expected. here did: 1. in mvcforum (forum.mywebsite.com) 1.1. machine key in web.xml: <machinekey validationkey="the same key umbraco7" decryptionkey="the same key umbraco7" validation="sha1" decryption="aes" /> 1.2. authenticate forms in web.xml <forms name="my-sso-auth" protection="all" path="/" timeout="43200" domain="forum.mywebsite.com" loginurl="/members/logon" enablecrossappredirects="true" /> 2. in umbraco7 (news.mywebsite.com) 2.1. machine key in web.xml: <machinekey validationkey="the same key mvcforum" decryptionkey="the same key mvcforum" validation="sha1" decryption="aes" /> 2.2. a
Read more

Python Tkinter keyboard using bind -

i have problem using bind option can click button in keyboard, , call function once key pressed. tried taking other codes have similar purpose , saw i'm doing pretty same, though still have problem must've missed. thankful if me this. here's code: # -*- coding: utf-8 -*- #imports tkinter import * pil import imagetk, image import time import tkmessagebox #===========================================================================================================================================# #tkinter class class app(frame): def __init__(self, master=none): frame.__init__(self, master) self.pack() #===========================================================================================================================================# #game pieces classes class board: def __init__(self, rows = 7, columns = 6, picture_height = none, picture_width = none): self.rows = rows self.columns = columns self.picture
Read more

ubuntu - Selenium Node Not Connecting to Hub, Not Opening Port -

i'm trying set demo selenium grid. have digital ocean ubuntu 14.02 droplet. (i have 2 , tried set using 2 different machines got nowhere.) i'm trying run hub , node both locally. here input both hub, node, , nmap results. https://gist.github.com/mekhami/d5bbecca5ff0de9d2dc9 so, node starting tcp connection reset , port it's supposed operate on closed. i have had no luck in number of different options , configurations work. but... of course, worked randomly once. don't know why, don't know did, know 1 brief moment, node connected , saw on grid console. tried run test , went down again , i've never seen come up. please let me know more information can provide. update: randomly came online again. don't know happened, might related timeout or time_wait or going on. this because vm/server not have enough entropy available. to resolve problem, install haveged (or other similar things). the instructions of how install haveged on ubu
Read more