# How secure is a partial 64bit hash of a SHA1 160bit hash?

 HOME ยป Information Security
So http://en.wikipedia.org/wiki/SHA-1 SHA-1 produces a 160-bit
(20-byte) hash valueand As of 2012, the most efficient attack
against SHA-1 is considered to be the one by Marc Stevens with an
estimated cost of \$2.77M to break a single hash value by renting CPU
power from cloud serversWith a theoretical attack taking 2^60
operationsSo if a custom verification algorithm only the first 64bits
of the full hash how secure is that? How many operations would it
require?
 In Ruby, why is Hash[:a, 1] and Hash[[[:a, 1]]] giving the same result {:a => 1}, while Hash[[:a,1]] gives an empty hash? > Hash[:a,2,:b,4] => {:a=>2, :b=>4} > Hash[:a,1] => {:a=>1} > Hash[[:a,1]] => {} > Hash[[[:a,1]]] => {:a=>1} /> Programming Languages Is it possible to convert a 40-character SHA1 hash to a 20-character SHA1 hash? My problem is a bit hairy, and I may be asking the wrong questions, so please bear with me... I have a legacy MySQL database which stores the user passwords & salts for a membership system. Both of these values have been hashed using the Ruby framework - roughly like this: hashedsalt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{login}--") hashedpassword = Digest::SHA1.hexdigest("#{hashedsalt}:#{password}")So both values are stored as 40-character strings (varchar(40)) in MySQL. Now I need to import all of these users into the ASP.NET membership Programming Languages (Problem Solved) Hash(m1 xor m2) = Hash(m1) xor Hash (m2) Is this true in case of SHA1 Can anyone shed some knowledge on this? My answer is no, it is not true, because SHA1 has a strong collision resistant property. Web Design Generating a SHA1 hash in Windows Phone outputs a different hash I'm currently using the built-in methods in Windows Phone and Silverlight to create a SHA1 hash of a string. This is the code:private static string CalculateSHA1(string text) { SHA1Managed s = new SHA1Managed(); UTF8Encoding enc = new UTF8Encoding(); s.ComputeHash(enc.GetBytes(text.ToCharArray())); System.Diagnostics.Debug.WriteLine("Original Text {0}, Access {1}", text, Convert.ToBase64String(s.Hash)); return Convert.ToBase64String(s.Hash); }For example, I tried generating a hash for this string: "hello". />Silverlight Output: Programming Languages HMC SHA1 hash - C# producing different hash output than PHP I have a code in PHP and that is below when i Execute the Below PHP code and when i Run the C# code which is below PHP Code i got different Result I dont know where I am wrong. />\$accessID = "member-1681fca809";\$secretKey = "63f22236ab43b69462b3272b110e3c78";\$expires = 1357039353; />\$stringToSign = \$accessID."".\$expires;\$binarySignature = hash_hmac('sha1', \$stringToSign, \$secretKey, true); />\$urlSafeSignature = urlencode(base64_encode(\$binarySignature)); />print_r(\$expires);print_r(\$urlSafeSignature);I got Output1357039353M1PZW2DYVzdRV1l4ZHBPAmiv9iM%3D />< C & C++ & C# How secure is a partial 64bit hash of a SHA1 160bit hash? So http://en.wikipedia.org/wiki/SHA-1 SHA-1 produces a 160-bit (20-byte) hash valueand As of 2012, the most efficient attack against SHA-1 is considered to be the one by Marc Stevens with an estimated cost of \$2.77M to break a single hash value by renting CPU power from cloud serversWith a theoretical attack taking 2^60 operationsSo if a custom verification algorithm only the first 64bits of the full hash how secure is that? How many operations would it require? Information Security

 - Technology - Languages + Webmasters + Development + Development Tools + Internet + Mobile Programming + Linux + Unix + Apple + Ubuntu + Mobile & Tablets + Databases + Android + Network & Servers + Operating Systems + Coding + Design Software + Web Development + Game Development + Access + Excel + Web Design + Web Hosting + Web Site Reviews + Domain Name + Information Security + Software + Computers + Electronics + Hardware + Windows + PHP + ASP/ASP.Net + C/C++/C# + VB/VB.Net + JAVA + Javascript + Programming