dqu92800 2011-07-30 06:58
浏览 150
已采纳

为什么哈希(不使用盐)随机数?

The following snippet of code is in php but I've seen developers of other web programming languages hash random numbers.

if ($loginValid=='yes') {
    $token = sha256(generateRandomNumber());
    $_SESSION["token"] = $token;
    $_SESSION["userid"] = $id;
    setcookie("authenticationtoken", $token, ...)
}

sha256 is a cryptographic hash function. Since it does not use a salt, whatever input you give it, the same output comes out. Try it out:

http://www.xorbin.com/tools/sha256-hash-calculator

In what context is hashing (without using a salt) a random number considered good practice?

  • 写回答

2条回答 默认 最新

  • douxin1163 2011-07-30 07:01
    关注

    My guess is that it's just a simple way of getting a hash of a known size, independently of the size that generateRandomNumber() returns. Obviously if generateRandomNumber() has a small range, that will be reflected in the number of distinct hashes returned too.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 Stata 面板数据模型选择
  • ¥20 idea运行测试代码报错问题
  • ¥15 网络监控:网络故障告警通知
  • ¥15 django项目运行报编码错误
  • ¥15 请问这个是什么意思?
  • ¥15 STM32驱动继电器
  • ¥15 Windows server update services
  • ¥15 关于#c语言#的问题:我现在在做一个墨水屏设计,2.9英寸的小屏怎么换4.2英寸大屏
  • ¥15 模糊pid与pid仿真结果几乎一样
  • ¥15 java的GUI的运用