Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 9 of 9
  1. #1
    Regular Coder
    Join Date
    Aug 2003
    Posts
    565
    Thanks
    0
    Thanked 0 Times in 0 Posts

    a hashing function you would recommend

    Hi,

    I was wondering if someone is using a hashing function that he would recommend. I wouldn't dream of writing my own at my level of knowledge but I would need one before populating my DB in order to avoid problems like re-recording all data when starting to use a hashing function after that the DB has already started to be populated. I've performed a search on CF about this topic but I can't find such an advice; PHP is obvioulsy more "user-friendly" in terms of writing hashing function but since I'm using ASP that obviously won't make it...

    So I'll formulate my question like this:

    -Do you (you or someone you know) use a hashing function that you're happy with? I'm probably going to get one on hotscripts.com but if you have one to recommend... Just let me know...

    thanx for any advices

  • #2
    Senior Coder A1ien51's Avatar
    Join Date
    Jun 2002
    Location
    Between DC and Baltimore In a Cave
    Posts
    2,717
    Thanks
    1
    Thanked 94 Times in 88 Posts
    If you want to try to attack it yourself here is a good explaination in ASP

    http://www.15seconds.com/issue/000217.htm

  • #3
    Regular Coder
    Join Date
    Aug 2003
    Posts
    565
    Thanks
    0
    Thanked 0 Times in 0 Posts
    mmmh... very cool article... nice reading. Thanx a lot A1ien51

  • #4
    Regular Coder
    Join Date
    Mar 2003
    Posts
    241
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I'm using the MD5-function from this site: http://www.frez.co.uk/freecode.htm#md5

    There is also a SHA256-function on that site but I haven't tried it so I can't say if it's good or not.

  • #5
    Regular Coder
    Join Date
    Aug 2003
    Posts
    565
    Thanks
    0
    Thanked 0 Times in 0 Posts
    thanx a lot Caffeine very interesting code to look at... If you're using it I guess you're satified with it since you don't give comments on any downside that this code could have. Any more propositions are still welcome

  • #6
    raf
    raf is offline
    Master Coder
    Join Date
    Jul 2002
    Posts
    6,589
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Never usded one in ASP.

    I would vote sha2, since md5 seems to be compromised. If you later would want to apply for VISA-transactions, then you can't use md5. Probably a bit accademic but you might as well choose a function that wount limit you further down the road.

    Also search the MySQL forum for sha2. I've posted some thoughts on it there.
    Hashings real power is that you can be sure that the content wasn't intercepted and altered during transport, but hashing passwords doesn't realy provide much extra security, unless you apply a 'secret' userspecific salt that isn't stored in the db. (but that maybe is stored on the clients machine or so).

  • #7
    Regular Coder
    Join Date
    Aug 2003
    Posts
    565
    Thanks
    0
    Thanked 0 Times in 0 Posts
    thanx a lot for input raf I'll check the MySql forum for this info.

    <edit>
    btw, nice to see you here again... It has been like... 2 weeks that I haven't seen you here in the ASP forum right? huge workload?
    </edit>
    Last edited by jeskel; 11-06-2003 at 07:12 PM.

  • #8
    Regular Coder
    Join Date
    Jun 2002
    Posts
    185
    Thanks
    0
    Thanked 0 Times in 0 Posts
    You can find an SHA hash function coded in server-side JScript here:

    http://www.brainjar.com/asp/pool/

    Check the section entitled "Password Encryption" on page 2.

    If you're using ASP.Net, you can use System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile, see:

    http://msdn.microsoft.com/library/en...gFileTopic.asp

  • #9
    Regular Coder
    Join Date
    Aug 2003
    Posts
    565
    Thanks
    0
    Thanked 0 Times in 0 Posts
    thanx a lot Brainjar, really helpfull


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •