|
It's actually "Veni, vidi, vici"
- Xint0
|
|
|
|
|
eheheh right Xint0
|
|
|
|
|
Xint0 wrote: "Veni, vidi, vici"
|
|
|
|
|
Hi there
I am encrypting passwords to a database and wish to use the .NET framework to encrypt them.
I know that MD5 and SHA-1 have been compromised. However for the purpose of passwords in a database how weak are they? If they are too weak what is another decent algorithm?
Thanks
Dan
|
|
|
|
|
|
You can use CRC(Cyclic redundacncy code) but that is for check .
i have no idea whether it can use for encryption
Subhash jain (Sundyne Technologies pvt. ltd.- 604,B wing,Trade world Lower parel Mumbai)
|
|
|
|
|
Depends on how secure you need the password to be, if the server is resonably secure then I don't think (might be wrong) that you'll need to bother with more expensive hashes, if MD5 is slightly compromised but offers considerable performance advantages over SHA512 say then if the server's fairly secure why waste time performing all those extra calculations which are not needed?
|
|
|
|
|
Hi,
It is more than correct... it is pointless to use SHA-2, 512 for Intranet database, knowing that no "elite hackers" are working in your company.
I use MD5 for intranet CRM/ASM database and its speed and size is preferred.
Regards
|
|
|
|
|
DanB1983 wrote: I am encrypting passwords to a database and wish to use the .NET framework to encrypt them.
Your actually 'hashing' them.
DanB1983 wrote: I know that MD5 and SHA-1 have been compromised. However for the purpose of passwords in a database how weak are they? If they are too weak what is another decent algorithm?
I am not sure what you think the weakness here is. For databases, you hash the password and store that. I am assuming your getting a hashed password from somewhere else and comparing that to the hash in the database. If this is the case and the hash is being transported securely than I am not sure what the concern is...
|
|
|
|
|
A.A. wrote: DanB1983 wrote:
I know that MD5 and SHA-1 have been compromised. However for the purpose of passwords in a database how weak are they? If they are too weak what is another decent algorithm?
I am not sure what you think the weakness here is. For databases, you hash the password and store that. I am assuming your getting a hashed password from somewhere else and comparing that to the hash in the database. If this is the case and the hash is being transported securely than I am not sure what the concern is...
Improved crytopgraphic attack methods and faster CPUs are increasing the likelyhood that they'll become vulnerable to bruteforce attacks in the semi-near future. Better algorythms include the SHA variants with longer bit lengths.
--
Rules of thumb should not be taken for the whole hand.
|
|
|
|
|
dan neely wrote:
Improved crytopgraphic attack methods and faster CPUs are increasing the likelyhood that they'll become vulnerable to bruteforce attacks in the semi-near future. Better algorythms include the SHA variants with longer bit lengths.
I am aware of this (fyi: its not so much as bruteforce as finding collisions in hashes produced by different documents) , I don't see the relevance to his problem though, because the hashes are compared on the DB side anyway.
|
|
|
|
|
If you are designing the authentication protocol try this:
Rmt: I want authorization
Host: Use this 64-bit random number
Rmt: append 64 bits to users password and run MD5/SHA-1/whatever and send hash to host
Host: run same hash algorithm and compare hashes
For more host side security only store hash of password. Rmt response must compute password hash (the one the host has stored) and append the 64 bits to that then run the final hash and send it off to the host.
In either case someone monitoring the entire data flow learns nothing about the actual key. Replay attacks are also foiled.
A similar approach would work with reasonably smart RFID chips.
|
|
|
|
|
Hi,
i want to know, how to measure the usage of CPU in %?
I've got a code, that returns me kernel time, user time and idle time of CPU in ticks (FILETIME), but i want it to be in percentage - like in UNIX 'top'.
How to convert and count it?
Best regards,
Krystian
P.s.
I understand that it might be wrong forum to post it, but i guess that converting ticks into percent is an algorithm.
Krystian
|
|
|
|
|
ok, nobody answered and i did the job ;]
Here's how:
First thing: kernel time is a sum of real kernel time and idle time, because of the fact, that cpu is always 'busy' - you can find Idle process in Windows Task Manager. So to get actual kernel cpu usage You will have to do: kf - idf.
Second thing: You can't count it just like that. GetSystemTimes gives You time spent on kernel/idle/user processes from the start of You system. So You have to get one time, wait like 100ms and get second time. Then substract the first from the second to get a delta.
You don't have to substract the miliseconds from the delta, because each of them's got it added, and You only count percentage.
Let's say that:
uf : user cpu time delta
kf : kernel cpu time delta
idf : idle cpu time delta
and now:
to get percent of cpu user time, You have to:
(uf / (idf + (kf - idf) + uf))*100
to get percent of cpu kernel time, You have to:
((kf - idf) / (idf + uf + (kf - idf)))*100
and the last thing, idle time:
(idf / (uf + (kf - idf) + idf))*100
Please note, that this is made on INT64, not on FILETIME that You will get from GetSystemTimes WinAPI function - You have to cast it properly.
Best regards,
Krystian
|
|
|
|
|
Nice thing you posted your solution even if you found it yourself Dziękują
|
|
|
|
|
krystian_pl wrote: ...how to measure the usage of CPU...
For a particular process, or the computer as a whole (i.e., all processes)?
"Approved Workmen Are Not Ashamed" - 2 Timothy 2:15
"Judge not by the eye but by the heart." - Native American Proverb
|
|
|
|
|
Hi all.
I am David and I am writing "big integer" class. In my class I use "long long Number[_NUMBER]" ( in C++) and I need algorithm of division,
it is not problem if this algorithm will use bit set and not "long long" type, I need that it was fast. In other words I need algorithm that divides one vector onto another
this vector can be vector of bits ( Ex: [1, 1, 1, 0, 0, 1, 0, 1, 0, 1] ) or vector of number ( Ex: [1258, 16546, 54646846, 54685, 088946, 555468, 8864, 11213, 1] )
Thanks for any help.
|
|
|
|
|
You could check out libGMP (GNU Multiple Precision Library), which is Open Source (zlib-licensed, IIRC) and does the same thing.
Alternatively, you could model the thing by re-implementing what you would do when you divide one number by another. Just do some divisions and model those steps. That, however, probably is not the best way to do divisions. You should check the "Math"-Forum for better algorithms.
|
|
|
|
|
I apologize. I missed the fact that you already posted this in the Math-Forum.
Thats what you get when you usually only read the VC-forums.
|
|
|
|
|
I'm working on a similar class LongMath.
Have you had any luck with division?
I've completed add, subtract and multiplication of negative/position whole and non-whole numbers but have been stuck on the division. I can divide negative/positive numbers but only whole numbers and I'd like to compare notes. Interested?
|
|
|
|
|
"Interested?"
Yes I am.
About your problem:
Use integer division for your non integer Number.
Ex:
121/11 = 11 if 1.21/11 = (121/11)*0.01
or
14/3 = 4+2/3 = 4+(20/3)*0.1 = 4+(6+2/3)*0.1 = 4+(6+(20/3)*0.1)*0.1=
=...=4+0.6+0.06+0.006+0.0006+.....
it is idea and math.I hope you like this.
Can you send my division algorithm?
|
|
|
|
|
I'll apply the above to my class and I'll email you my source or I'll email you a link to it.
Class Diagram::LongMath
<span style="width: 10px;"></span>Addition <br />
<span style="width: 20px;"></span>Add(sourceA <font color="#0000ff">As String</font>, sourceB <font color="#0000ff">As String</font>) <font color="#0000ff">As String</font><br />
<span style="width: 10px;"></span>Subtraction <br />
<span style="width: 20px;"></span>Subtract(sourceA <font color="#0000ff">As String</font>, sourceB <font color="#0000ff">As String</font>) <font color="#0000ff">As String</font><br />
<span style="width: 10px;"></span>Multiplication <br />
<span style="width: 20px;"></span>Multiply(sourceA <font color="#0000ff">As String</font>, sourceB <font color="#0000ff">As String</font>) <font color="#0000ff">As String</font><br />
<span style="width: 10px;"></span>Division<br />
<span style="width: 20px;"></span>Divide(divisor <font color="#0000ff">As String</font>, dividend <font color="#0000ff">As String</font>) <font color="#0000ff">As String</font><br />
This may take me a few days with the holidays here and all.
|
|
|
|
|
|
Hi,
I was playing around with a BigInteger class recently and so have come across the same problem.
The fastest way I could think of is below, if you say x / y = z (with remainder = r).
1. Find the leading 64 bits of your big number (x)
2. Find the leading 32 bits of your divisor (y).
3. Divide (1) by (2) to give you the leading 32 bits of z.
4. Multiply (3) by y and take this number from x
Continually applying steps 1-4 reduces the size of x until you are within +/- 1 of the correct value of z.
This is fast because all operations are O(n) or less if you code them properly!
Hope this is of some use & good luck!
Russ
|
|
|
|
|
Hi, I can't help specifically with c++ code to do long division .. but I wrote code in vb to do arbitrary precision floating point math.
The division method that I used turned out to be suprisingly fast and much easier to implement than addition or subtraction with signed floating point numbers.
The method is called the Newton-Raphson method or just Newton's method. I won't go into it here, just search for it, you'll find numerous examples.
I don't know how well it would would with integers only since the method uses multiplication, addition and subtraction iteratively but principal is sound anyway.
The guts of the divide method I wrote is this:
Do While Compare <> Guess
Compare = Guess
Guess = Left(Multiply(Subtract("2", Multiply(y, Guess)), Guess), Precision)
Loop
If your multiply, add and subtract methods can handle large numbers (this one uses strings) and you provide code to prevent the length of the result with each iteration from getting too long then sometime like may work. Each iteration will double the accuracy.
With another 50 or so lines of code this method can divide numbers thousands of digits long in milliseconds.
I also read somewhere where the Newton method is the fastest for divison.
|
|
|
|