Raccoon Posted May 3, 2014 Report Share Posted May 3, 2014 I want to have a secret that can be derrived by a sentence that i'll just remember.I would then be able to sit at any computer, derive the secret (by using online hash generator) and download my files. So few questions1. can the secret by any string of chars, or there is some "format" requirments?2. what hashing algorithm is best to use to hash the sentence (or something different than hashing algo?)3. any potential draw backs of this method (except the obvious that if usnig online hash generator, the site will know the secret) Quote Link to comment Share on other sites More sharing options...
Raccoon Posted May 5, 2014 Author Report Share Posted May 5, 2014 isn't that idea too cool to be ignored? Quote Link to comment Share on other sites More sharing options...
RomanZ Posted May 6, 2014 Report Share Posted May 6, 2014 @Raccoon 1. Please see forum topic: http://forum.bittorrent.com/topic/29304-rules-for-valid-secret/2. "best" from which point of view? Cryptographical strength? Calculation speed? Something else?3. Yes, there is one major drawback: the strength of the secret generated in that way. The hash generated in such way becomes very vulnerable to brute force attack with vocabulary. Quote Link to comment Share on other sites More sharing options...
Raccoon Posted May 6, 2014 Author Report Share Posted May 6, 2014 Well, which hash function will have 40+ chars output? Other than that I don't think it matters much? Basically, I just hash a sentence, then base64 it and can use it as custom secret, right? Quote Link to comment Share on other sites More sharing options...
RomanZ Posted May 8, 2014 Report Share Posted May 8, 2014 You can use SHA-256 then Base-64 encode it. You'll get exactly 40 characters. Also, you can simply base-64 encode your sentence as well, it just needs to be more than 32 chars length to get 40 symbols in Base64 Quote Link to comment Share on other sites More sharing options...
Raccoon Posted May 8, 2014 Author Report Share Posted May 8, 2014 Actually yes! I can just base64 it.Is there any advantage to hashing it before that that i'm missing? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.