使用MD2散列独特的字符串

我有一个唯一的电子邮件地址列表 - 一个非常简单的问题。 如果电子邮件是唯一的,则输出始终是唯一的,</ p>

  hash('md2',$ email); 
</ code> </ pre>
</ DIV>

展开原文

原文

I have a list of unique email addresses - a very simple question. If the email is unique will the output always be unique,

hash('md2', $email);

doujupa7567
doujupa7567 不,这就是哈希冲突或冲突
5 年多之前 回复

3个回答



像MD2这样的散列函数就像名称建议消息摘要算法一样,它们采用任意长度的输入并给出固定长度的输出。 唯一输入必然存在冲突。</ p>

您可以使用更强大的哈希函数,如SHA-256,与MD2相比,两个字符串之间的冲突极不可能。 生日悖论在这里适用,所以你不应该使用MDx函数或任何短于256位散列函数的东西。</ p>

我看到你正在散列电子邮件地址。 根据您的系统,这可以通过碰撞来利用。 例如,某些电子邮件提供商启用“myname+1@domain.com”,“myname+2 @domain.com”等形式的虚拟地址。 攻击者可能会使用该事实来查找与已知其他电子邮件地址的冲突,以获取密码重置电子邮件或类似信息。</ p>
</ div>

展开原文

原文

Hash functions like MD2 are like the name suggests message digest algorithms they take an arbitrary length input and give a fixed length output. There are bound to exist collisions for unique inputs.

You can use stronger hash functions like SHA-256 where a collision between two strings is highly unlikely compared to MD2. The birthday paradox applies here, so you shouldn't use MDx functions or anything shorter than 256-bit hash functions.

I see you're hashing e-mail addresses. Depending on your system, this can be exploited with a collision. For example, some e-mail providers enable virtual addresses of the form "myname+1@domain.com", "myname+2@domain.com" and so on. An attacker might use that fact to find a collision with a known other e-mail address to get for example the password reset e-mail or something like that.



MD2产生128位的散列。 您可以通过散列2 ^ 128 + 1个字符串来保证至少一个哈希冲突。 </ p>
</ div>

展开原文

原文

MD2 produces a hash of 128 bits. You can guarantee at least one hash collision by hashing 2^128+1 strings.

dpylt7626401
dpylt7626401 好吧,祝你好运。
5 年多之前 回复



根据WikiPedia,最好的攻击是:</ p>


In 2009年,MD2被证明易受碰撞攻击,时间复杂度为2 ^ 63.3压缩函数评估和2 ^ 52哈希值的内存需求。 这比预期需要265.5压缩函数评估的生日攻击要好一些。</ p>
</ blockquote>

然而,找到短电子邮件地址的冲突仍然很棘手 。</ p>

如果您真的需要更多安全性和</ em> 128位散列值,那么使用SHA-256的第一个(最左边)128位会更好一些, 在撰写本文时被认为是安全的。 当然首选使用全256位。</ p>

偶然发生碰撞的几率接近于零。 因此,如果您只是使用它来创建一些独特的东西(即不考虑目标攻击),那么使用MD2就可以了。 即便如此,如果您可以更改协议,请改用SHA-256。</ p>
</ div>

展开原文

原文

Well, the best attack, according to WikiPedia is:

In 2009, MD2 was shown to be vulnerable to a collision attack with time complexity of 2^63.3 compression function evaluations and memory requirements of 2^52 hash values. This is slightly better than the birthday attack which is expected to take 265.5 compression function evaluations.

It would however still be tricky to find a collision for a short email address.

If you really require more security and a 128 bit hash value you are much better off by using the first (leftmost) 128 bits of SHA-256, which is considered secure at the time of writing. Using the full 256 bits is of course preferred.

The chances of creating a collision by accident are close to zero. So if you just use this to create something unique (i.e. without considering targeted attacks) then using MD2 is fine. Even then, if you can change the protocol, use SHA-256 instead.

dongshi3818
dongshi3818 或者当然,如果您使用PHP,则前32个十六进制字符。
5 年多之前 回复
Csdn user default icon
上传中...
上传图片
插入图片
抄袭、复制答案,以达到刷声望分或其他目的的行为,在CSDN问答是严格禁止的,一经发现立刻封号。是时候展现真正的技术了!
立即提问
相关内容推荐