I need a C# expert. Here is 2-line example from python:
from passlib.context import CryptContextprint CryptContext(['pbkdf2_sha512']).encrypt('testtest')Can it be achieved with C# in some reasonable number of lines?
According to the books that i have read, it says that S.H.A(Secure Hash Algorithm) is collision resistant.But if the input space is a 1024 bit number and the output space is a 512 bit message digest then shouldn't it be colliding for (2^1024)/(2^512) times? As the range is lesser than the domain being mapped there should have been collisions. please explain where i am going wrong.
I use SHA512Managed class for coding user password string. I initually create etalon string coded in the folowing way:
Then (in program loop) I convert this hash byte array to string in the following way:
System.Text.StringBuilder sBuilder = new System.Text.StringBuilder();for (int i = 0; i < passwordСache.Length; i++){ sBuilder.Append(passwordСache[i].ToString("x2"));}string passwordCacheString = sBuilder.ToString();where the passwordСache is hash byte array and passwordCacheString is result string.
Finally, I store result string in MS SQL Server database table as etalon string.
The matter is in the folowing: If I periodically call SHA512Managed.ComputeHash(byte[]) method and each time pass to it the same byte array as input parameter (for example obtained from "Johnson_#1" string), then the content of returned hash byte array will differs from time to time.
So, if I convert such hash byte array to string (as I showed above) and compare this string to etalon string that is in database table, then the content of this string will differ from content of etalon string though the same string ("Johnson_#1") underlies.
Better defined the question
My question is: Is there a way of determining that two compared SHA512Managed hash byte arrays with different content were created on the base of the same string? Yuor help will be appreciated highly.
SHA-512 is one-way so I will need to not attempt to crack passwords because it is easier to simply reset a password. If someone is aware of getting the original password from a SHA-512 hashed text, please let me know. Otherwise, I am moving on from this question. Thank you for all of your answers.
Although unhashing is technically possible with software and brute-force hacking, I found an open source software that appears to be widely used:
Enjoy!
I've created a mysql dump of my users and passwords and awked them into a presentable form:
Passwords:
'6cc5db1c282daa071b0cf80982d19ec0f2e21976a4c39c0c7a3ab30f102b33e2780fd56f4d507e4873630eeb5ba1a8ad8d338bb8abcf64a513630a0dea7044db''1927f6acb76f53106a29015ba787e6f7c826f939a64be656a669f78515ffbb2447bee266e5f57751d98f4990f71d131bcb11575199b8e717a0ad91c381df43ca''dfd3b2e6478c0ca15102e74251a300abba96296662686f9eeba1f2ebbb9353ad9f91546d0c02ececd5e205c0a94e083a3f63eeec9642f69ad24fd674927c6a3d'Salts:
'ecb2796f-e69d-4ad6-858f-832170b00b5c''a46a3486-79dd-428b-88a8-558303fe8dc8''02b6fedc-6932-4893-8725-cd4c8a191d57'With the first entry on one corresponding to the first on the other. The password for the first entry is password. I am using sha512whirlpool as the encrypting algorithm.
I want to use a utility to encrypt a string ("password" in this case) using that same algorithm and salting it and compare it to the encrypted password. Anyone have any ideas what utility might be good for this? I was hoping to use mkpasswd, but I got an error there:
mkpasswd -m sha-512 password ecb2796f-e69d-4ad6-858f-832170b00b5cAnd this is the error:
Wrong salt length: 36 bytes when 8 <= n <= 16 expected.Was I doing something wrong here? Any advice?
Please note that by viewing our site you agree to our use of cookies (see Privacy for details). You will only see this message once.