can we generate 16 bytes hash using bcrypt? - bcrypt

I am planning to use bcrypt library for hashing the password with a max length of 16 bytes, the standard bcrypt library is generating the hash of 31 bytes as per the below example:
$2a$12$SBdXpoExjoJBtyVS3GBbh.VR4TlNWSrM0XRRDJjAw0fnw8TLhuDj6
Is it possible to generate the shorter hash of 16 bytes by changing some configuration or macro?
I tried changing the macro BCRYPT_HASHSIZE to 16 and 32 but it is not working as expected.
Thank you,
Regards,
Shreyas.

No, there is no way to shorten the resulting hash.
You need to increase the size of your varchar(50) to varchar(200) to hold everything required.

Related

How to have a 128-bits/32 character encryption in codeigniter?

I wanted to encrypt a string from an input using Encryption Library in codeigniter, I wanted it to generate a 32 char regardless on how long the input is but the number of character generated from encrypt() deters on how many characters the input...
If you could encrypt any string down to 32 characters, 50 gigabyte games and 8K three hour movies could be compressed down to 32 characters. Obviously, that's not possible.
Consider a MD5 or SHA1 hash of the string. It won't be decryptable, and it won't be guaranteed to be unique, but it'll be a fixed, predictable length.

Ruby OpenSSL changing the block-size

Is it at all possible in OpenSSL to change the block size? I am using Ruby and from what I can tell there is no way to do this.
I just want to confirm this is true. Here is a link to the only method I can find related to block size which just returns what the block size is. https://ruby-doc.org/stdlib-2.4.0/libdoc/openssl/rdoc/OpenSSL/Cipher.html#method-i-block_size but other than that I don't see a way to do this. Is it possible? I know I can set the key size but not the block size. It seems it is stuck with a 128-bit block size?
Specifically I want to use AES which I understand is only a 128-bit block size. But Rijndael which is what AES is based on can be set up to a 256-bit block size so I was wondering if OpenSSL would allow me to set the block size.
No, it's not possible.
AES, as standardized by NIST, is a subset of the Rijndael cipher family. While Rijndael supports several different block and key sizes, AES is only defined to use a block size of 128 bits and a key size of either 128, 192 or 256 bits.
The list of ciphers supported by OpenSSL only includes AES, not Rijndael.
The OpenSSL AES implementation is hardcoded to use a block size of 16 bytes (= 128 bits).
Short of adding Rijndael as a new cipher to OpenSSL and rebuilding the library yourself, you will not be able to use OpenSSL to encrypt or decrypt data using any of the Rijndael variants other than those standardized as AES.

ruby base64 encode 128 bit number by starting with a 2 bit character to prevent padding at the end

This question is a follow up to my previous question here: How can I convert a UUID to a string using a custom character set in Ruby?
But I will try to formulate it as a separate and specific question.
I do have a Ruby 128 bit UUID as hex value:
SecureRandom.uuid #=> "2d931510-d99f-494a-8c67-87feb05e1594"
If I get the IFC specification correctly (http://www.buildingsmart-tech.org/ifc/IFC2x3/TC1/html/ifcutilityresource/lexical/ifcgloballyuniqueid.htm), I want to Base64 encode this, but instead of getting padding at the end, I want the output to begin with a 2bit character(4 options), instead of 6 bits(needed for 64 options).
This way I think I can end up with a string of 22 characters (1 of 2bits, and 21 of 6bits for a total of 128 bits).
Is it possible to tweak the Ruby base64 in this way?
Short answer: no. Technically speaking, that is not standard Base64 so Ruby's standard lib will not deal with it.
Ruby's Base64 lib takes its input as bytes, so you need to get your input data to be divisible by 8. But you want 4 zero bits in front of your UUID, so that's 4+128=132 so the next closest multiple of 8 is 136 i.e. 17 bytes. You can discard the extra randomness at the end:
x = SecureRandom.gen_random 17 # get a little extra randomness
x[0] = (x[0].ord & 0x0f).chr # 0 out the first four bits
Base64.strict_encode64(x)[0...22] # discard extra randomness
The one downside of this approach is that your 128 bit UUID is weirdly aligned inside x and hard to see on its own. If you want to get the 128 bits out you can do that with some pack/unpack:
[x.unpack("B*")[0][4...132]].pack("B*")

find encryption algorithm from known input and output

I have some inputs and outputs of a encryption function and i'm trying to find algorithm of it:
input:hello
output:eee5ab79be1ca8033fc790603b4d308c3c0a4e38
input:test
output:ebf3c7fb5cecf8ca04ca79dd0bbaa6e42120ffec
input:tennis
output:97e6335558d16337a5e712a3525a3766ab7a3454
input:a
output:0c57bfdc2835cdf0fab05fe08d37ffc5373f1ba8
input:b
output:67482459148ba04c2f12e83cdd18cbfe343978ee
input:c
output:380050d0dbf8293d16b7b4837d84abf4ae6b6d83
input:d
output:d0eae9775bac581b174dc4eaf0f6cc6cd284ad61
input:e
output:00626906c39804e9f441800c629900fd706002f8
input:f
output:7d6ae6cf3aa98f05bace0abc355474810f37c83d
input:0
output:324df299bcf4760d1523cb63ef5c4b2d1d4d371b
input:1
output:4a35df90d96cf1ed7aa008e99d1637b941d29605
input:2
output:2629ecf6a43d69aa06f7dfd5eabdba318d23132d
input:3
output:90225564ae81006f3747fb90d51dab4bac26fbac
input:4
output:3100cc28c4ef0f79e2d29c77a265aef1b2d0e70a
input:5
output:325fbdc73b2e874c287471e315949dc972846434
input:6
output:7d1bad0d82c2b62cfa0719f45acc50732579c206
input:7
output:89dd853798aea657f9ce236b248993b1f5c7bf55
input:8
output:83038f49e7954004aeafd2073b0c0c5a91d1ae7a
input:9
output:ab8fcf8532ed3c0367d6e5fa7230e4317296d6e4
outputs are hexadecimal and fixed length(40 characters)
inputs are unicode characters
Can anyone help me?
What you're asking isn't possible, because we would need to guess both the encryption algorithm and the encryption key
In addition, it appears that the algorithm in question has a 160-bit block size (which is why the output is a fixed 160 bits - presumably if it were given 161 bits of input then its output would be 320 bits), but I am not aware of any encryption algorithm with a 160-bit block size - block sizes are typically a power of 2 (e.g. 128 bits or 256 bits). Maybe it's an encryption algorithm with a 128 bit block size plus a 32 bit checksum, but that's just complicating an already impossible task.

Hash function to produce a code of 30 chars?

I need to hash a message into a string of 30 chars. What's the best and most secure hash function for this usage?
Thirty characters (bytes) is 240 bits.
If you can't move the goal-post to allow 32 characters, then you will probably end up using SHA-1, which generates 160-bits or 20 bytes. When Base-64 encoded, that will be 28 characters. If you use a hex-encoding, it will be 40 characters, which is nominally out of range. With 32 characters, you could use SHA-256, but Base-64 encoding would increase that size (to 44 characters) and hex-encoding increases the size to 64 characters.
If you must use hex-encoding and can go to 32 bytes, then MD5 - which generates 128 bits - could be used, though it is not recommended for any new systems. With Base-64 encoding, MD5 uses 24 characters. Otherwise, you are using very minimally secure algorithms - not recommended at all.
Just use SHA1 and trim to 30 characters.
import hashlib
hash = hashlib.sha1("your message").hexdigest()[:30]
It's been proven that cutting characters off a cryptographically secure hash function such as SHA1 has negligible effects on its security (can't find the reference now though)

Resources