Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsWhite Papers
Discussion GroupsFirst AidDatabasesJavaBeansGUIJava 3DVirtual MachineCORBASecurityToolsGeneral
Java DirectoryOpen Source ProjectsSample Book ChaptersUser GroupsWeb Resources
Related Topics
Databases.NETMore Topics ...
Java Forum / Security / April 2008

Tip: Looking for answers? Try searching our database.

MessageDigest Length

Thread view: 
Enable EMail AlertsStart New Thread
sean@onset.com.au - 12 Dec 2007 01:18 GMT
Does anyone know if there is a way of setting the length of the hashed
value returned from a message digest?
Reply to this Message
Robert Kochem - 15 Dec 2007 12:07 GMT
sean@onset.com.au schrieb:

> Does anyone know if there is a way of setting the length of the hashed
> value returned from a message digest?

Sorry, but this does not make sense to me. Each digest algorithm has a
specified output length, e.g. MD5 128-Bit, SHA-1 160bit ...
Truncating this output may result in collisions and extending the output is
also not destined.

If you want a deterministic variable length output generated by a given
input you should look for a PRNG (Pseudo Random Number Generator) using
it's seed as input value.

Robert
Reply to this Message
Roedy Green - 24 Feb 2008 14:49 GMT
On Sat, 15 Dec 2007 13:07:47 +0100, Robert Kochem
<robert@mailueberfall.de> wrote, quoted or indirectly quoted someone
who said :

>If you want a deterministic variable length output generated by a given
>input you should look for a PRNG (Pseudo Random Number Generator) using
>it's seed as input value.

see http://mindprod.com/jgloss/digest.html
why you would not want to do that.
--

Roedy Green Canadian Mind Products
The Java Glossary
http://mindprod.com
Reply to this Message
Roedy Green - 24 Feb 2008 14:43 GMT
>Does anyone know if there is a way of setting the length of the hashed
>value returned from a message digest?

each algorithm has a standard fixed length. If you want a different
length, use a different algorithm.

See http://mindprod.com/jgloss/digest.html
--

Roedy Green Canadian Mind Products
The Java Glossary
http://mindprod.com
Reply to this Message
Maarten Bodewes - 22 Mar 2008 16:25 GMT
> Does anyone know if there is a way of setting the length of the hashed
> value returned from a message digest?

There isn't, but in general a good message digest spreads all the
information over all the bits of the result. So you can just cut stuff
off of the message digest. In protocols, you generally take the first
bytes from the returned byte array (e.g. within Key Generation or 4 byte
3DES MAC).

Maarten
Reply to this Message
Roedy Green - 24 Mar 2008 15:41 GMT
On Sat, 22 Mar 2008 16:25:42 +0100, Maarten Bodewes
<maarten.bodewes@xs4all.nl> wrote, quoted or indirectly quoted someone
who said :

>> Does anyone know if there is a way of setting the length of the hashed
>> value returned from a message digest?

There is not much point in generating a 256 bit digest then using only
the first 16 bits.  You can same yourself considerable CPU cycles by
generating a 16 bit digest directly .

Just pick an algorithm with the size you want. For a list of
algorithms see http://mindprod.com/jgloss/digest.html

Short ones are usually called "checksums".

Signature

Roedy Green Canadian Mind Products
The Java Glossary
http://mindprod.com

Reply to this Message
Maarten Bodewes - 30 Mar 2008 23:06 GMT
> On Sat, 22 Mar 2008 16:25:42 +0100, Maarten Bodewes
> <maarten.bodewes@xs4all.nl> wrote, quoted or indirectly quoted someone
[quoted text clipped - 11 lines]
>
> Short ones are usually called "checksums".

That's the worst advice I've seen for years. The strength is in the
algorithm mostly, not in the length of the value that you use. A CRC
does not provide cryptographic security *at all*. Of course, you cannot
delete bits without destroying the chances of creating hash collisions,
but at least you would not be able to just calculate them.

Actually, you should not be posting here if you know this little about
cryptography.

Regards,
Maarten
Reply to this Message
Roedy Green - 06 Apr 2008 15:42 GMT
On Mon, 31 Mar 2008 00:06:26 +0200, Maarten Bodewes
<maarten.bodewes@xs4all.nl> wrote, quoted or indirectly quoted someone
who said :

>Actually, you should not be posting here if you know this little about
>cryptography.

I did not see any mention of cryptography.
Signature


Roedy Green Canadian Mind Products
The Java Glossary
http://mindprod.com

Reply to this Message
Roedy Green - 06 Apr 2008 15:43 GMT
On Mon, 31 Mar 2008 00:06:26 +0200, Maarten Bodewes
<maarten.bodewes@xs4all.nl> wrote, quoted or indirectly quoted someone
who said :

>Actually, you should not be posting here if you know this little about
>cryptography.

If he wants only 16 bits, the purpose is not going to be cryptography.
Signature


Roedy Green Canadian Mind Products
The Java Glossary
http://mindprod.com

Reply to this Message
rmoldskr+usenet@online.no - 06 Apr 2008 21:03 GMT
> That's the worst advice I've seen for years. The strength is in the
> algorithm mostly, not in the length of the value that you use.

No matter what algorithm you use, a single bit digest won't be very secure.

Signature

Leif Roar Moldskred
Got Sfik?

Reply to this Message


Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.