Encryption -
Isolated - 07.03.2015
Hello,
I'm running a poll to see what you guys use in the way of encryption. Please take a second of your time to vote so I can see what should be included in an upcoming release.
Thank you!
EDIT: Sorry for the typo in the poll!
Re: Encryption -
DRUNKY - 07.03.2015
Whirlpool
Re: Encryption -
Isolated - 07.03.2015
@Drunky, you voted MD5, does this mean you use both? Which do you mainly use?
Re: Encryption -
Sledgehammer - 07.03.2015
Whirlpool is the most secure out of the lot, whereas the others can be cracked.
Re: Encryption -
Mauzen - 07.03.2015
Quote:
Originally Posted by Sledgehammer
Whirlpool is the most secure out of the lot, whereas the others can be cracked.
|
You can crack them all. Without salt it's a matter of milliseconds.
Re: Encryption -
Extremo - 07.03.2015
Quote:
Originally Posted by Mauzen
You can crack them all. Without salt it's a matter of milliseconds.
|
I'd say that entirely depends on if someone has already created a database of all the possible input - hash references, and even then, what if your password isn't in those bounds? Not to mention the time required to traverse such a large database. I don't think those are milliseconds at all, not to mention that it has become quite popular among some industries to hash the password for minutes, in order to increase the time required to create such a database.
However yes, salts definitely add a giant layer of security. However, the combination of hashing multiple times and a salt makes the time required to crack it so vast, it is a pointless task at this point.
Re: Encryption -
Isolated - 07.03.2015
Quote:
Originally Posted by Mauzen
You can crack them all. Without salt it's a matter of milliseconds.
|
Wrong info
Re: Encryption -
zT KiNgKoNg - 07.03.2015
Quote:
Originally Posted by Isolated
Technically, Whirlpool has yet to be cracked, so he was right with his statement, unless you're talking about the rest.
|
Are you sure, as I've tested this with a few "Online Decrypts" and used PHP & PAWN hashed passwords, and they've always come out as expected....
But OT: I usually use a two or three stage encryption with a SALT, I don't know if it's me being me or the best thing to do regardless.
Re: Encryption -
Isolated - 07.03.2015
@above, I do apologize, the topic I read was out of date; it can now be cracked using a rainbow table or similar. But that's just a large table of hashes, useless with salts.
Re: Encryption -
Mauzen - 07.03.2015
Quote:
Originally Posted by Isolated
Technically, Whirlpool has yet to be cracked, so he was right with his statement, unless you're talking about the rest.
|
Most modern hash algorithms have yet to be cracked, though most of them are designed and mathematically proven to be 100% irreversible. But that's no guarantee for security anymore.
Imagine something like an enormous database that contains the hash values and their source string, for pretty much every possible combination of characters. Now you just search for the hash value you want to "crack", and you'll end up with the original, unhashed string, without having to calculate the billions and trillions of hashes on your own computer.
That's no fiction but is easily available. It's called a "Rainbow table", and they exist for every hash method with an open algorithm - including Whirlpool. Using unsalted hashes isn't any better than using plaintext, no matter what hashing method you use. Properly salted MD5 owns unsalted Whirlpool by far.
Re: Encryption -
RebeloX - 07.03.2015
Quote:
Originally Posted by Vince
Encoding != Encrypting != Hashing
MD5 and SHA1 are vulnerable and shouldn't be used for new projects. udb_hash is an abomination. This is not a hashing algorithm, but rather a checksum algorithm, and can be cracked in seconds.
I use Sha512 with a salt of equal length.
|
As Vince said, Encryption != Hashing.
Encryption is the process of encoding messages or information in such a way that only authorized parties can read it, and hashing is a hash function which is considered practically impossible to invert, that is, to recreate the input data from its hash value alone.
Quote:
Originally Posted by Isolated
Technically, Whirlpool has yet to be cracked, so he was right with his statement, unless you're talking about the rest.
|
I'm not an expert on this subject, but what I know about this is that hashes are considered practically impossible to invert, which means there is no reverse function, but sometimes they can reach limits like MD5. I know that MD5 has collision problems; this means that you can type two words and obtain the same hash. But the question is, how do you crack a hash? Create a wordlist. If you search on ****** you'll find websites that crack hashes because they have a huge wordlist, but sometimes they can't crack it because that hash doesn't exist in the wordlist.
So what they do is create a website to hash and crack at the same time, so when you type lololol23 they'll record this in the database. The solution is to use a salt, so when the user types lololol23 you add a salt and the password will be lololol23samp, and with this your hashing system will be more secure.
Re: Encryption -
PT - 07.03.2015
Well, I prefer to use Whirlpool or Sha512. I'm not an expert on this, but from what I've learned and what I've searched, I can see these 2 are very secure ways to store data.
Re: Encryption -
Crystallize - 07.03.2015
Sha1
Re: Encryption -
Isolated - 07.03.2015
It's nice to see people researching their chosen methods, and I'm in no way judging but @Wizzard2H; if I were you, again not judging, I'd look into different methods of hashing. Keeping up to date with security on your server or application is key.
Re: Encryption -
Crystallize - 07.03.2015
Well, I'm out of scripting, but I always used SHA1 even tho there were better hashing methods :P
Re: Encryption -
Kapersky™ - 08.03.2015
Whirlpool.
Re: Encryption -
ev0lution - 08.03.2015
Bcrypt, it includes a salt by default and has a variable 'cost', so you can increase the time it takes to run as computers become faster in order to prevent billions of hashes being checked per second.
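Added example (not posted by anyone in this thread): the points made above about precomputed tables, salts and an adjustable cost, shown in Python. PBKDF2-HMAC-SHA512 from the standard library stands in for bcrypt here as an assumption, since bcrypt needs a third-party package; the function names, the record format and the candidate list are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample data: a tiny candidate list standing in for a large
# precomputed table of common passwords.
CANDIDATES = ["123456", "password", "lololol23", "qwerty"]

def unsalted(password: str) -> str:
    """Weak form: a bare, fast hash with no salt."""
    return hashlib.sha512(password.encode()).hexdigest()

# Built once, then reusable against every database of unsalted SHA-512 hashes.
PRECOMPUTED = {unsalted(p): p for p in CANDIDATES}

def lookup(stored_hash: str):
    """Return the original password if the hash is in the table, else None."""
    return PRECOMPUTED.get(stored_hash)

def hash_password(password: str, iterations: int = 200_000) -> str:
    """Hardened form: random per-user salt plus an adjustable work factor."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha512", password.encode(), salt, iterations)
    return f"{iterations}${salt.hex()}${dk.hex()}"

def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and cost, then compare in constant time."""
    iterations, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha512", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))

def needs_rehash(stored: str, target_iterations: int) -> bool:
    """True when a record was created with a lower cost than the current target."""
    return int(stored.split("$")[0]) < target_iterations

if __name__ == "__main__":
    print(lookup(unsalted("lololol23")))      # the unsalted hash is in the table
    a, b = hash_password("lololol23"), hash_password("lololol23")
    print(a != b, lookup(a.split("$")[2]))    # same password, different records, no hit
    print(verify_password("lololol23", a), needs_rehash(a, 400_000))
```

Storing the iteration count inside each record is what lets the cost be raised later: on a successful login, a record for which `needs_rehash` is true can be re-hashed at the new cost.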
Re: Encryption -
biker122 - 08.03.2015
I use Whirlpool and SHA1.
But... I use Whirlpool in most of my projects..
Re: Encryption -
Zalance - 08.03.2015
Whirlpool.
Re: Encryption -
Kaperstone - 08.03.2015
Never use SHA1 or MD5 for password checking.