Open SSL Hash passwords. Open SSL Passwords. This creates a hash value which has salt using a range of methods.
Password strength. Test. This outlines the strength of various passwords types.
Password generation/hashing. Hashing. Password generation/hashing using JavaScript
Splunk hashed passwords (SHA512crypt). Splunk. This implemented SHA512crypt, as used in Splunk.
Theory
The following are the tips related to hashing:
Balls in bins. BiBa. This implemented balls in bins.
Birthday attack (with Big Integers). Calc. This provides a simple example of the birthday attack.
Birthday attack. Calc. This provides a simple example of the birthday attack.
Differential Cryptanalysis (Hashing). Cryptanalysis. This provides an implementation of differential cryptanalysis for hashing methods.
MD5, SHA-1
The following are the tips related to hashing:
MD2 and MD4MD2/4. The MD2 and MD4 hashing functions were developed by Prof Ronald Rivest in 1989 and 1990, respectively. They both produce a 128-bit hash, but have been shown be vulnerable to attack (see the Collision section in the page).
MD5 and SHA-1 (to Base-64) with saltSalt. It is possible to add salt to the MD5 algorithm, to mix it up a little.
MD5 and SHA-1 (to Base-64)Hash. MD5 and SHA-1 produces a hash signature, and the output is typically shown in a hex format or a Base-64. In this example the output is converted into a Base-64 format.
MD5 and SHA-1. Hash. MD5 and SHA-1 methods produce a hash signature, and are the two of the most widely used methods. The MD5 algorithm has been shown to have weaknesses, and a collision of message hashes has been shown to occur in less than one day. An MD5 signature has 128 bits, an SHA-1 signature has 160 bits, and an SHA-256 signature has 256 bits.
MD5 Cracking. Hash Cracker. MD5 has a 128-bit signature and can be cracked using rainbow tables. This page tries to crack the MD5 signature.
Hashing with node.js. Hashing. Hashing with node.js.
Other Hash functions
The following are the tips related to hashing:
Bloom FilterBloom filter. A Bloom filter goes a probabilistic method of determining if an element is in a data structure, using indexed hashing methods.
Cuckoo TableCuckoo filter. A Cockoo table uses two hash funtions.
Chaffing. Chaffing. This produces a keyless system.
GP Hashing with Go. GP Hashing. GP Hashes with Go.
LDAP. LDAP. This produces a LDAP hash signature for a password.
LM Hash. LM Hash. This is an LM Hash Calculator. LM Hash is used in many versions of Windows to store user passwords that are fewer than 15 characters long.
Murmur and FNVMurmur and FNV. While hashing methods such as MD5 and SHA-1 use crypto methods, the Murmur and FNV hashes uses a non-cryptographic hash function. This can be used for general hash-based lookup and was designed by Austin Appleby. It has good performance compared with other hashing methods.
phpass. phpass. This produces a phpass hash signature for a password.
RIPEMD (RACE Integrity Primitives Evaluation Message Digest) and GOST. RIPEM160. RIPEMD is a 128-bit, 160-bit, 256-bit or 320-bit cryptographic hash function, and was created by Hans Dobbertin, Antoon Bosselaers, and Bart Preneel. It is used on TrueCrypt and is open source. The 160-bit version is seen as an alternative to SHA-1, and is part of ISO/IEC 10118
Tiger. Tiger. Tiger is a 192-bit hash function and was designed by Ross Anderson and Eli Biham in 1995. It is often used by clients within Gnutella file-sharing networks and does not suffer from known attacks on MD5 and SHA-0/SHA-1. Tiger2 is an addition, in which the message is padded with a byte of 0x80 (in a similar way to MD4, MD5, and SHA), whereas in Tiger it is 0x01. Otherwise, the two methods are the same in their operation.
Whirlpool. Whirlpool. Whirlpool is a 512-bit cryptographic hash function and was created by Vincent Rijmen (one of the AES creators) and Paulo Barreto, in 2000.
The Length Extension Attack. Length Extension Attack. The MD construct has many weaknesses, and one of the most serious is the length extension attack. With this an adversary (Eve) can take a hash for an unknown message, and then add additional data to produce a new valid hash. The hash methods which are at risk against the length extension attack are MD5, SHA-1 and SHA-256. Please follow the code link below to run an example.
Hazmat Hashes. Hazmat Hashes. This includes the hashing methods in the Hazmat cryptography library. This includes Blake2p, Blake2s, MD5, SHA1, SHA224, SHA256, SGA384, SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHA512, SHA512-224, SHAKE128 and SHA256.
Consistent hashing. Consistent hash. This outlines the usage of Consistent hashes.
Similarity hashes
The following are the tips related to similarity hashing:
Similarity hash (Charikar similarity)Charikar similarity. The Charikar similarity is used to find similarities between strings, files and metadata.
Similarity hash (Nilsimsa similarity)Nilsimsa. The Nilsimsa similarity is used to find similarities between spam emails.
Minhash (Jaccard similarity)Jaccard similarity. The Minhash method is used to find similarities between strings, files and metadata.
String enthropyString enthropy. Measurement of the entropy of strings.
SHA-3 and SHA-3 contenders
The following are the tips related to Key derivation hashing:
Blake and Blake 2. Blake. Implements Blake and Blake 2 (SHA-3 contender).
Hashing with Rust. Hashing. Hashes with Rust (Blake 2 and Blake 3).
SHA-3, Keccak and SHAKE . SHA-3. Implements SHA-3, Keccak and SHAKE (SHA-3 winner).
SHA-3. SHA-3. SHA-3 was known as Keccak and is a hash function designed by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche. MD5 and SHA-0 have been shown to be susceptible to attacks, along with theoretical attacks on SHA-1. NIST thus defined there was a need for a new hashing method which did not use the existing methods for hashing, and setup a competition for competing algorithms. In October 2012, Keccak won the NIST hash function competition and is proposed as the SHA-3 standard. It should be noted that it is not replacement SHA-2, which is currently a secure method. Overall Keccak uses the sponge construction where the message blocks are XORed into the initial bits of the state, and then inevitably permuted.
Pearson. Pearson. Pearson is one of the fastest hashing methods, and has been designed for 8-bit processors.
C++: t1ha. t1ha. t1ha is one of the fastest hashing methods, and has been designed for 64-bit processors.
C++: Spooky. Spooky. Spooky is one of the fastest hashing methods, and V2 has a 32-bit, 64-bit and 128-bit version.
C++: xxHash. xxHash. xxHash is one of the fastest hashing methods, and has good performance for short data inputs.
C++: MUM. MUM. MUM is one of the fastest hashing methods.
C++: FNV 1/1a. FNV 1/1a. FNV 1/1a is one of the fastest hashing methods, and is particularily useful when there are small changes in strings, such as with IP addresses and URLs.
C++: MetroHash. MetroHash. MetroHash is one of the fastest hashing methods.
C++: CityHash. CityHash. CityHash was created by Google and is one of the fastest hashing methods. It was found to be vulnerable to DoS hashing vulnerabilities.
C++: Farm. FarmHash. FarmHash was created by Google and is one of the fastest hashing methods. It is an improvement to CityHash.
C++: Murmur. Murmur. Murmur is one of the fastest hashing methods, but was found to be vulnerable to DoS hashing vulnerabilities.
C++: Halftime. Halftime. Halftime is one of the fastest hashing methods and was created by Jim Apple at Apache.
C++: Highway. Highway. Highway is an ultra-fast keyed-hash, and is more than five times faster than SipHash. It was created by Jyrki Alakuijala, Bill Cox, Jan Wassenberg at Google.
C++: SipHash. SipHash. SipHash is an ultra-fast keyed-hash and was created by Jean-Philippe Aumasson and Daniel J. Bernstein in 2012.
C++: CLHash. CLHash. CLHash is an ultra-fast hashing method and focused on improving performance of the hashing of long strings.
C++: FalkHash. FalkHash. FalkHash is an ultra-fast hashing method and beats most of the other non-cryptography methods for performance. It is focused on the x64 architecture and integrates with AES-NI.
C++: wyHash. wyHash. wyHash is an ultra-fast hashing method.
C++: Fibonacci. Fibonacci. Fibonacci is an ultra-fast hashing method.
C++: Lookup3. Lookup3. Lookup3 is an ultra-fast hashing method.
Key-based hashing
The following are the tips related to Key-based hashing:
SipHash. Siphash. Siphash is a fast key-based hashing method.
Highway. Highway. Highway is one of the fastest hashing methods, and is key-based.
One Time Passwords/Time Stamps
The following are the tips related to hashing:
One Time Passwords. One Time. This allows a new unique password to be created each instance, based on an initial seed.
Timed One Time Password (TOTP). Timed One Time Password. This allows a new unique passcode to be created each instance, based on an initial seed for a given time window. We will use a five second window in this case, where a new passcode is generated every five seconds, based on an initial seed of a pass phrase.
Hashed One Time Password (HOTP). Hashed One Time Password. This allows a new unique passcode to be created each instance, based on a counter value and an initial seed.
Time Stamp Protocol. TSP. This creates a time stamp for data.
HOTP and TOTP (Python). OTP. This creates hashed passwords.
SHAKE
The following are the tips related to hashing:
SHAKE. SHAKE. Implements SHAKE and which is an Extendable Output Function (XOF).
SHAKE with Go. SHAKE. This implements SHAKE in Go.
libDisco with Go. libDisco. This implements libDisco.
Message authentication codes (MACs)
OMA DigestOMA. Open Mobile Alliance Device Management (OMA DM)
MAC Triple-DES. MAC3DES. MACs can be used to authenticate a message, as a key is required to determine the hash value. With this the sender computes the hash with a secret key and sends to the receiver, where the receiver then calculates the hash of the message, and uses the secret key. If the hash received is the same as the computed one, the message has not been tampered with. The key size can be 8, 16 or 24 bytes. In this case, 24 bytes are used, and produces a hash of 8 bytes (64 bits), using the TripleDES encryption method.
HMAC. HMAC. HMAC is a message authentication code (MAC) and can be used to verify
the integrity and authentication of a message. It involves hashing
a message with a secret key. As with any MAC, it can be used with a standard hash function, such as MD5 or SHA-1, which results in methods
such as HMAC-MD5 or HMAC-SHA-1. As with any hashing function, the
strength depends on the quality of the hashing function, and the resulting
number of code bits. Along with this the number of bits in the secret
key is a factor.
HMAC (Python). HMAC. HMAC is a message authentication code (MAC).
Keyed hash with BLAKE2. Keyed hash. Keyed hashing with BLAKE2 is a faster method of creating a messge authentication code (MAC) than traditional HMAC methods (such as SHA-1 and SHA-256).
Hazmat HMAC. Hazmat HMAC. HMAC methods using the Python cryptography primitives.
Hash to password with Go. Hash to password. Hash to password with Go.
Hash to Elliptic Curve. Hash to ECC. In this we match a value to the nearest point on an elliptic curve.
Hash to Elliptic Curve. Hash to ECC. In this we match a value to the nearest point on an elliptic curve with libnum.
Hash to password with Go. Hash to password. Hash to password with Go.
Proof-of-work
Time-locked encryption (hashing). Time-locked encryption. This creates a key with a given amount of work related to consecutive hashing.
Time-locked encryption (squaring). Time-locked encryption. This creates a key with a given amount of work related to squaring.
Time-locked encryption (cracking). Time-locked encryption. This creates a time-based challenge, without knowing the number of iterations of a hashed key.