I’m trying to view the file’s MD5 checksum next to the file. How is it possible?

# Tag: hash

## Is it secure to use a hash of a login token as an anti-csrf token?

Alright here is my proposal:

Use a hash of a login token as the anti-CSRF token.

## Why this is a good idea?

- Prevents having to store anything extra on the client, the server, and less network traffic as we don’t need to transfer an additional cookie on every request
- All the benefits of cookie based CSRF token
- Login token still can’t be accessed by JS (Its a non-reversible hash so we output the hashed login cookie in a meta tag, AJAX can still use it without exposing the login token
- If login token is indeed unique per session (even between the same users) then each csrf token will be unique per session (minus collisions)

Is there any security problems I am missing? Obviously this would only work for pages where the user is logged in. But that shouldn’t be an issue.

Btw by “login token”, I mean a securely pseudorandom string that is stored on the server and on the client in the form of a cookie that allows the server to authenticate a user without them having to enter their password each time the page changes.

## What would be the effect on the number of leading zeros hash generation if bitcoin increase its nonce size from 32 to 60 or 100 bits?

If Bitcoin increases its nonce size from 32 bits to double or triple the size, how will it affect the speed of getting the right hash with the required number of zeros?

## Can I use a cryptographic hash function to prove my authorship of an anonymous article?

From what I understand, hash functions are one-way functions. Let’s say that I want to publish an opinion article anonymously, but there is a possibility that I later want to prove that I was the one that wrote the article. Is it possible for me to simply put my identifying information, such as my name, birthday, and social security number, into a cryptographic hash function, and place that hash as my “pseudonym”? The question is the same question as Deniable proof of authorship, but I don’t understand the answer, and I’m not sure if the answer pertains to the use of a hash function.

If this works, are there any downsides? Are there common mistakes that people like me make? I don’t see a way to break this function other than to enter the identifying information of every single person in the world and see if it matches the pseudonym.

Also, what is a PGP? When I was searching my question on the internet, this term popped up quite often.

Please let me know if this is not the correct place to post this question.

## Are HAIFA-construction based hash functions (e.g. Argon2) resistant to length-extension attacks?

Would a HAIFA-construction based hash function like Argon2 be vulnerable to length-extension attacks?

(I say that Argon2 is HAIFA-based because BLAKE is, and Argon2 is based off of BLAKE)

## Perfect Hash Function: How does it cope with lookups outside the set of keys?

I’m currently looking at perfect hash functions. One thing I miss from the texts I’ve read so far is, how they cope when attempting to look up with a key that is outside of the set from which the perfect hash was generated from.

## Hash table with $n(1+\epsilon)$ space using power of $d$ choices and cuckoo hashing

I’m trying to construct a hash table in which we store $ n$ items using $ n(1+\epsilon)$ space. Lookups should be worst case $ O(1)$ and insertion/deletion should be $ O(1)$ in expectation.

*Thoughts:* The idea is to have a main table that is size $ n$ . We use the power of $ d$ choices to find a cell for a given item. Let the max capacity per cell in the main table be a constant $ c$ . We hash the item with $ d$ different hash functions and place the item in the cell with the most room. If that fails (that is, no cells have room), we move the item to an overflow table that is size $ n\epsilon$ for $ 0 < \epsilon < 1$ . The overflow table will use Cuckoo hashing. I need to find a $ d$ and $ c$ for which this works.

Cuckoo hashing works well when the load factor is under $ 1/2$ . That means with $ n\epsilon$ space, we should never move more than $ \frac{n\epsilon}{2}$ items from the main table into the overflow table. We need to pick $ d$ such that the number of collisions greater than $ c$ is at most $ \frac{n\epsilon}{2}$ .

I’m not sure where to go from here (or if I’m on the right track). Any help is appreciated.

## How can I hash an attributed graph?

I am interested in solving the following problem using a learning to hash algorithm:

I’ve got several attibuted graphs (a graph with node and edge labels – you can think about that as a description logic query) and I want to perform similarity search between a query and a document (both represented as an attributed graph).

After googling a lot, I found only a Kernelized Locality-Sensitive Hashing algorithm (KLSH) solution, the following one: Kernelized Hashcode Representations for Relation Extraction.

Locality-Sensitive Hashing demands more bits than a learning algorithm to represent data. It’s not an ideal solution.

Question:

Is there a learning to hash algorithm to perform similarity search for description logic queries?

## Is there any security concern if I kept password hash on client side?

I have an application that need to be able to work in offline, But the requirement is to authenticate everytime the application is open.

So If I also kept password hash on client side to make it be able to authenticate when there is no internet, Is there anything I should concern?

Thank you very much in advance

## I don’t know how to identify the password behind the hash

so I am total noob at this , just starting out. I found online an web app that is vulnerable to blind sql injection, I manage to get in users table and I looked at my password, in the table was the hased version, this one->57b0fcbe39b9336d, now I know that my password is dinamo, knowing the hashed version and the original password how I can use this informations to find out the hashed method?