A salt is a non-secret, random value that’s used to ensure that the same plaintext will not consistently hash to the same output value; it’s used to prevent precomputation attacks such as Rainbow Tables. A nonce (“number used once”) is a – typically randomly generated – value that’s associated with a message in a cryptographic … Read more
The V8 design docs imply lookups will be at least this fast, if not faster: Most JavaScript engines use a dictionary-like data structure as storage for object properties – each property access requires a dynamic lookup to resolve the property’s location in memory. This approach makes accessing properties in JavaScript typically much slower than accessing … Read more
With “salt round” they actually mean the cost factor. The cost factor controls how much time is needed to calculate a single BCrypt hash. The higher the cost factor, the more hashing rounds are done. Increasing the cost factor by 1 doubles the necessary time. The more time is necessary, the more difficult is brute-forcing. … Read more
See Time Complexity. The python dict is a hashmap, its worst case is therefore O(n) if the hash function is bad and results in a lot of collisions. However that is a very rare case where every item added has the same hash and so is added to the same chain which for a major … Read more
First of all, MD5 is broken – you can generate a collision, so MD5 should not be used for any security applications. SHA1 is not known to be broken and is believed to be secure. Other than that – yes, MD5 is faster but has 128-bit output, while SHA1 has 160-bit output. Update: SHA1 has … Read more
bin2hex(mcrypt_create_iv(22, MCRYPT_DEV_URANDOM)); mcrypt_create_iv will give you a random sequence of bytes. bin2hex will convert it to ASCII text Example output: d2c63a605ae27c13e43e26fe2c97a36c4556846dd3ef Bare in mind that “best” is a relative term. You have a tradeoff to make between security, uniqueness and speed. The above example is good for 99% of the cases, though if you are … Read more
Try using the HashWithIndifferentAccess like APP_CONFIG = HashWithIndifferentAccess.new(YAML.load(File.read(File.expand_path(‘../app.yml’, __FILE__))))
I had the same need and did some research and ended up using libcfu It’s simple and readable so if I have a need to modify, I can do it without spending too much time to understand. It’s also of BSD license. No need to change my structs (to embed say a next pointer) I … Read more
This hash function is similar to a Linear Congruential Generator (LCG – a simple class of functions that generate a series of psuedo-random numbers), which generally has the form: X = (a * X) + c; // “mod M”, where M = 2^32 or 2^64 typically Note the similarity to the djb2 hash function… a=33, … Read more
You’re correct that it cannot guarantee uniqueness, however there are approximately 3.402823669209387e+38 different values in a 32 digit hex value (16^32). That means that, assuming the math behind the algorithm gives a good distribution, your odds are phenomenally small that there will be a duplicate. You do have to keep in mind that it IS … Read more