Shared Verify list on cloud plateform ?

Hello
Feature Request ?

In the same principle that SEO indexing it would be really good if all the verified urls which are currently on all the PCs of all the GSA SER users are accessible via a web platform and downloaded every day. What shares, also receive the list. If we do this, we would eliminate a lot of the problem of proxy, waiting time etc …
But maybe is only a dream… :)

Should I keep running my old projects as Active, Or just Verify

Greetings, friends.
Wondering if I should keep running some of my oldest set of GSA projects as active…and not just set to Verify only…
I mean those oldest projects where I just link to my money site directly with SER.
I don’t think I need to stop running old projects where SER creates links at T2 T3 .. .. just those pointing RIGHT at the  money site.
…and JUST those projects, of course, that I have newer replacements for with my own T1s, either on PBNs, a few legit listings, and various social media and other content platforms, and hopefully some authority links.
Is it ever OK to link directly to a money site with SER?
I have Asia Virtual Solutions active, blog comment, directory, forum, guestbook,Image COntent, Microblog, Pingback, Referrer, RSS, Social Bookmarks, Trackbacks, Web 2.0, Wiki running.
I also have a separate set of older projects that post to anything that will accept an article pointing at the money site. The articles are OK. Spun, hand-written, reviewed spintax for accuracy. On those I have Asia Virtual Solutions (projects to MS that use articles), articles, blog comments, pingbacks,referrers, social bookmarks, social networks, and wikis that use articles when posting.
This is how I chose to set up older projects. Are *either* the first set of projects, or the second that use articles,  appropriate as a T1 pointing at  a money site? And if not, what SHOULD I be using SER-generated backlinks? I’m *SURE* some will suggest SEREngines. I’ve haven’t used SEREngines since the last version, so if someone could explain I would very much appreciate it. Trying to do SEO right, finally. No more continuing poor practices that are just from a time I didn’t know better.
Should I *NOT* have been doing this? Is it considered “spam practices” by Google? At some point, I came to to understand that T1s should be stable and basically be legit. Is it OK?

How to verify PGP signature with signing key using Enigmail in Thunderbird [migrated]

I received an email like this above:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1  Because anyone can claim to be me. There's no validation of the user name or email address when someone posts a comment. While I do try to remove imposters, some may slip through. By signing my comments using this technique, anyone can independently verify that I was the author of the message by validating the signature. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (MingW32)  iD8DBQFFxqRFCMEe9B/8oqERAqA2AJ91Tx4RziVzY4eR4Ms4MFsKAMqOoQCgg7y6 e5AJIRuLUIUikjNWQIW63QE= =aAhr -----END PGP SIGNATURE----- 

And another email with the public key. How can I verify if the signature is valid using the Enigmail in Thunderbird?

C# Isopoh Argon2 Implementation hash does not verify


Summary

  • trying to implement password hashing using Argon2 in C#
  • I have already tried searching, and can’t find this specific issue. Nor does there seem to be a lot of good (easy for me to interpret?) examples for C# Argon2 (please let me know if there is a better way than Isopoh)
  • Using a C# implementation (Isopoh.Cryptography.Argon2) as recommended here
  • I can generate hashes with no issues, passing through various arguments for the Argon2Config
  • I can verify hashes with no issues ONLY IF the hash length is = 32. Anything seems to fail
  • However, I can verify ALL hashes online

This is my first post here so do let me know if I should make any amendments accordingly.

Thanks in advance for any help in resolving this!

Background

I’m testing out different ways of storing encrypted data. I already have a way to encrypt/decrypt data, But I am now looking at ways to implement proper password hashing (and to also use this hashed password as the key for the encryption of the other data – but I will raise this in another thread once I get to that point).

I am developing using VS2019 in a Windows 10 x64 environment. Whilst I’m not new to programming, I am learning C# (from VB.NET), and I’m certainly no expert in Cryptography.

I’m using an implementation of Argon2 that I found recommended in this post to learn how to securely store/hash passwords.

Issue

I can get the hashing process to work (whilst customising the configuration). However, when it comes to verifying the hash, I cannot verify the hash if I use any other hash length apart from 32 – I can play around with the other config settings and it works, but not the hash length.

BUT, where it gets really weird, when I generate a hash that uses a hash length not equal to 32, I verify it using this site, and I get a successful verification

Code

  • I’ve installed the Isopoh.Cryptography packages in the project via NuGet (using v1.1.4)

Namespace:

using System.Security.Cryptography; using Isopoh.Cryptography.Argon2; using Isopoh.Cryptography.SecureArray; 

Variable:

private static readonly RandomNumberGenerator Rng = RandomNumberGenerator.Create(); 

Hashing code:

        string str_ConsoleText;          txtConsole.AppendText(Environment.NewLine);         txtConsole.AppendText("[START NEW HASH]");         txtConsole.AppendText(Environment.NewLine);         str_ConsoleText = "Starting encryption process";         txtConsole.AppendText(str_ConsoleText);         txtConsole.AppendText(Environment.NewLine);          var stopwatch = Stopwatch.StartNew();          //var password = "password1";         var password = txtPasword.Text;         byte[] passwordBytes = Encoding.UTF8.GetBytes(password);         byte[] salt = new byte[16];                              Rng.GetBytes(salt);          txtSalt.Text = salt.ToString();          var config = new Argon2Config         {             Type = Argon2Type.HybridAddressing,             Version = Argon2Version.Nineteen,             TimeCost = Int32.Parse(txtIterations.Text),             MemoryCost = Int32.Parse(txtMemory.Text) * 1024,             Lanes = Int32.Parse(txtParallelism.Text),             Threads = Int32.Parse(txtThreads.Text),             Password = passwordBytes,             Salt = salt, // >= 8 bytes if not null             //Secret = secret, // from somewhere             //AssociatedData = associatedData, // from somewhere             HashLength = Int32.Parse(txtHashLength.Text) //20 // >= 4         };         var argon2A = new Isopoh.Cryptography.Argon2.Argon2(config);         string hashString;         using (SecureArray<byte> hashA = argon2A.Hash())         {             hashString = config.EncodeString(hashA.Buffer);         }          txtHashResult.Text = hashString;          stopwatch.Stop();          str_ConsoleText = "Encoded hash is: ";         txtConsole.AppendText(str_ConsoleText);         txtConsole.AppendText(Environment.NewLine);         txtConsole.AppendText(hashString);         txtConsole.AppendText(Environment.NewLine);         txtConsole.AppendText("Details are:");         txtConsole.AppendText(Environment.NewLine);         txtConsole.AppendText("Time cost: " + config.TimeCost.ToString());         txtConsole.AppendText(Environment.NewLine);         txtConsole.AppendText("Memory cost: " + config.MemoryCost.ToString());         txtConsole.AppendText(Environment.NewLine);         txtConsole.AppendText("Lanes: " + config.Lanes.ToString());         txtConsole.AppendText(Environment.NewLine);         txtConsole.AppendText("Threads: " + config.Threads.ToString());         txtConsole.AppendText(Environment.NewLine);         txtConsole.AppendText("Salt: " + config.Salt.ToString());         txtConsole.AppendText(Environment.NewLine);         txtConsole.AppendText("Hash length: " + config.HashLength.ToString());         txtConsole.AppendText(Environment.NewLine);         txtConsole.AppendText(Environment.NewLine);                  str_ConsoleText = $  "Encryption process took { stopwatch.ElapsedMilliseconds / 1024.0 } s";         txtConsole.AppendText(str_ConsoleText);         txtConsole.AppendText(Environment.NewLine);         txtConsole.AppendText("[END HASH]"); 

Verifying code:

        var stopwatch = Stopwatch.StartNew();          string str_ConsoleText;          var password = txtPasword.Text;         var passwordHash = txtHashResult.Text;          txtConsole.AppendText(Environment.NewLine);         txtConsole.AppendText(Environment.NewLine);         txtConsole.AppendText("[START VERIFY HASH]");         txtConsole.AppendText(Environment.NewLine);         str_ConsoleText = "Starting verification process";         txtConsole.AppendText(str_ConsoleText);         txtConsole.AppendText(Environment.NewLine);          txtConsole.AppendText(Environment.NewLine);         txtConsole.AppendText(Environment.NewLine);         str_ConsoleText = "[Hash to verify]: ";         txtConsole.AppendText(str_ConsoleText);         txtConsole.AppendText(Environment.NewLine);         txtConsole.AppendText(passwordHash.ToString());         txtConsole.AppendText(Environment.NewLine);         txtConsole.AppendText(Environment.NewLine);           if (Isopoh.Cryptography.Argon2.Argon2.Verify(passwordHash, password))         {             // do stuff             str_ConsoleText = "!!!!!!!!!!HASH VERIFICATION SUCCESS!!!!!!!!!!";             txtConsole.AppendText(str_ConsoleText);         }         else         {             str_ConsoleText = "******HASH VERIFICATION FAILED******";             txtConsole.AppendText(str_ConsoleText);         }           stopwatch.Stop();         txtConsole.AppendText(Environment.NewLine);         txtConsole.AppendText(Environment.NewLine);         str_ConsoleText = $  "Verification process took { stopwatch.ElapsedMilliseconds / 1024.0 } s";         txtConsole.AppendText(str_ConsoleText);         txtConsole.AppendText(Environment.NewLine);                                 txtConsole.AppendText(Environment.NewLine);         txtConsole.AppendText("[END VERIFY HASH]"); 

Outputs/Results

Password = Hello World!

Hash length = 32:

[START NEW HASH] Starting encryption process Encoded hash is:  $  argon2id$  v=19$  m=32768,t=4,p=8$  bPsTGKZu/reihfAlLEVlCA$  o79dNC9/toz7CbbFhhkSy4/E2a5pRETd7h+79R7V7iU Details are: Time cost: 4 Memory cost: 32768 Lanes: 8 Threads: 4 Salt: System.Byte[] Hash length: 32  Encryption process took 2.130859375 s [END HASH]  [START VERIFY HASH] Starting verification process      [Hash to verify]:  $  argon2id$  v=19$  m=32768,t=4,p=8$  bPsTGKZu/reihfAlLEVlCA$  o79dNC9/toz7CbbFhhkSy4/E2a5pRETd7h+79R7V7iU  !!!!!!!!!!HASH VERIFICATION SUCCESS!!!!!!!!!!  Verification process took 1.3115234375 s  [END VERIFY HASH] 

Argon2.online hash verification:

enter image description here

Hash length = 64:

[START NEW HASH] Starting encryption process Encoded hash is:  $  argon2id$  v=19$  m=32768,t=4,p=8$  h/zEPuZWQsBSAPhZn23gRQ$  6FZzr5DhOMemPTzZ5WY+4MgsxKsxYLNuRbiKo8og+FoYOJFfBsfdCtr1Zs8z6lXVX+E7FUYsGaLA2ZESH6aE0w Details are: Time cost: 4 Memory cost: 32768 Lanes: 8 Threads: 4 Salt: System.Byte[] Hash length: 64  Encryption process took 2.0400390625 s [END HASH]  [START VERIFY HASH] Starting verification process   [Hash to verify]:  $  argon2id$  v=19$  m=32768,t=4,p=8$  h/zEPuZWQsBSAPhZn23gRQ$  6FZzr5DhOMemPTzZ5WY+4MgsxKsxYLNuRbiKo8og+FoYOJFfBsfdCtr1Zs8z6lXVX+E7FUYsGaLA2ZESH6aE0w  ******HASH VERIFICATION FAILED******  Verification process took 1.3076171875 s  [END VERIFY HASH] 

Argon2.online hash verification: enter image description here

I can verify solutions to my problem in polynomial time, how would a non-deterministic algorithm arrive to a solution if it always takes $2^n$ bits?

Decision Problem: Given integers as inputs for $ K$ and $ M$ . Is the sum of $ 2^k$ + $ M$ a $ prime$ ?

Verifier

m = int(input('Enter integer for M: ')) sum_of_2**K+M=int(input('enter the sum of 2^k+m: '))  if AKS.sum_of_2**K+M == True:    # Powers of 2 can be verified in O(N) time   # make sure there is all 0-bits after the 1st ONE-bit      # Use difference to verify problem    if sum_of_2**K+M - (M) is a power_of_2:     OUTPUT Solution Verified 

The powers of 2 have approximately $ 2^n$ digits. Consider $ 2^k$ where $ K$ = 100000. Compare the amount of digits in $ K$ to the amount of digits in it’s solution! Also take note that the powers of 2 have $ 2^n$ bits as its 0-bit Unary essentially for the exponent $ n$ .

Question

How would a non-deterministic machine solve this problem in polynomial time?

When a user registers their mobile number during sign up, how can we verify that they really own the mobile number?

A lot of websites send a 4-digit or 6-digit one-time code to a mobile number via SMS or phone call when the user registers a mobile number on the website?

Is this a secure way to validate the ownership of mobile number? Are there any issues with it?

If it is not secure, are there any better alternatives?

Is a SHA checksum enough to verify integrity and authenticity?

This is a broader question but here a concret example:

From https://www.apache.org/info/verification.html :

File hashes are used to check that a file has been downloaded correctly. They do not provide any guarantees as to the authenticity of the file.

I don’t understand this part: They do not provide any guarantees as to the authenticity of the file.

The checksum used is from a trusted HTTPS source (Eg: https://downloads.apache.org/tomcat/tomcat-8/v8.5.56/bin/apache-tomcat-8.5.56.zip.sha512).

How a file can not be authentic if it match a checksum from a HTTPS trusted source?

Or do I miss something and I still need to validate with a GPG key?

How to numerically verify that principal value?

Mathematica finds

Integrate[Exp[I*s]/(1 + s/(s^2 - 1)^2), {s, -Infinity, Infinity}, PrincipalValue -> True] // ToRadicals (*A huge closed-form expression which is omitted here.*) N[%] (*-1.414 + 0.192275 I*) 

The use of the principal value is grounded by the plots

Plot[{Cos[s]/(1 + s/(s^2 - 1)^2),Sin[s]/(1 + s/(s^2 - 1)^2)},{s,-5,5},WorkingPrecision->30,PlotPoints -> 50] 

enter image description here

It’s clear that the integrand has its real singularities at the real roots of the denominator, so

sol = Reduce[1 + s/(s^2 - 1)^2 == 0, s, Reals] // ToRadicals;  sol[[1]][[2]] (*-(1/(2 Sqrt[3/(4 + (155/2 - (3 Sqrt[849])/2)^(1/3) + (1/2 (155 + 3 Sqrt[849]))^(1/3))]))  -  1/2 Sqrt[8/3 - 1/3 (155/2 - (3 Sqrt[849])/2)^(1/3) -  1/3 (1/2 (155 + 3 Sqrt[849]))^(1/3) +     2 Sqrt[3/( 4 + (155/2 - (3 Sqrt[849])/2)^(1/3) + (1/2 (155 + 3 Sqrt[849]))^(  1/3))]]*)  N[%] (*-1.49022*)  sol[[2]][[2]] (*-(1/(2 Sqrt[3/(4 + (155/2 - (3 Sqrt[849])/2)^(1/3) + (1/2 (155 + 3 Sqrt[849]))^(1/3))])) +  1/2 Sqrt[8/3 - 1/3 (155/2 - (3 Sqrt[849])/2)^(1/3) -   1/3 (1/2 (155 + 3 Sqrt[849]))^(1/3) + 2 Sqrt[3/( 4 + (155/2 - (3 Sqrt[849])/2)^(1/3)+(1/2 (155 + 3 Sqrt[849]))^( 1/3))]]*) 

However, I have doubts concerning the obtained principal value because the integrand asymptotically equals $ \exp(is)$ as $ s\to \infty$ and $ s\to -\infty$ and $ $ PV\int_{-\infty}^\infty \exp(is)\,ds $ $ does not exist.

In view of it I try to verify it numerically through

NIntegrate[Exp[I*s]/(1+s/(s^2-1)^2),{s,-Infinity, -(1/(2 Sqrt[3/(4+(155/2-(3 Sqrt[849])/2)^(1/3)+(1/2 (155+3 Sqrt[849]))^(1/3))]))- 1/2 Sqrt[8/3-1/3 (155/2-(3 Sqrt[849])/2)^(1/3)-1/3 (1/2 (155+3 Sqrt[849]))^(1/3)+ 2 Sqrt[3/(4+(155/2-(3 Sqrt[849])/2)^(1/3)+(1/2 (155+3 Sqrt[849]))^(1/3))]], -(1/(2 Sqrt[3/(4+(155/2-(3 Sqrt[849])/2)^(1/3)+(1/2 (155+3 Sqrt[849]))^(1/3))]))+ 1/2 Sqrt[8/3-1/3 (155/2-(3 Sqrt[849])/2)^(1/3)-1/3 (1/2 (155+3 Sqrt[849]))^(1/3)+ 2 Sqrt[3/(4+(155/2-(3 Sqrt[849])/2)^(1/3)+(1/2 (155+3 Sqrt[849]))^(1/3))]],Infinity}, Method->"PrincipalValue",AccuracyGoal->3,PrecisionGoal->3,WorkingPrecision->50] 

which results in the error message

NIntegrate::ncvb: NIntegrate failed to converge to prescribed accuracy after 9 recursive bisections in s near {s} = {3.7749613270651398879039428756113970426387939277790*10^28}. NIntegrate obtained 8.8211977939280824575415993952100374290963331174834*10^47 I and 9.1940327832901306869987159913883594088789773626283`50.*^47 for the integral and error estimates.

and

 (*-2.6098684408162971553635553440779848277629513026488*10^49 +   8.8211977939280824575415993952100374290963331174789*10^47 I*) 

Constructive suggestions are welcome.