Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
How to generate a 6 char hash
Message
From
04/03/2010 16:49:18
Alejandro Sosa
Panamá, Panama
 
 
To
04/03/2010 14:05:12
Al Doman
M3 Enterprises Inc.
North Vancouver, British Columbia, Canada
General information
Forum:
Visual FoxPro
Category:
Third party products
Title:
Re: How to generate a 6 char hash
Environment versions
Visual FoxPro:
VFP 9 SP1
Miscellaneous
Thread ID:
01452509
Message ID:
01452637
Views:
58
>>Hi,
>>
>>I need to generate a 6 char hash of a string where each character of the hash can be an upper letter or a number. I'd like to use Craig Boyd's vfpencryption.fll, but don't know how to go about it. Any suggestions?
>
>One possibility:
>
>SET LIBRARY TO VFPEncryption.FLL
>?STRCONV( Hash( "This is a test", {some hash function choice} ), 15 )
>
>* Above creates a hex-encoded string of varying lengths depending on your choice of hash function
>* e.g. setting {some hash function choice} = 5 (MD5), creates a 32-character string
>* Online documentation at http://www.sweetpotatosoftware.com/SPSBlog/2009/08/09/MajorVFPEncryptionUpdate.aspx
>
>* You can then take any 6-character substring of that result
>
>This is a simple approach that avoids base-36 (A-Z plus 0-9) calculations.
>
>A couple of drawbacks to this approach:
>
>- the return string uses only 0 - 9 and A - F (just the hex characters), it does not use G - Z. So, a 6-character hash would have only 16^6 distinct values (16,777,216). If you choose some other method that does include G - Z, then that increases the distinct hashes to 36^6 (2,176,782,336)
>
>- depending on how critical the hash is for verification purposes, you need to be aware of so-called "hash collisions", i.e. the possibility that two different strings could yield the same hash value. With the code I provided above, the chance is about 1 in 17 million. If you include G - Z, it drops to about 1 in 2 billion. This may be enough for casual comparisons of relatively unimportant strings but it's definitely not good enough for serious security/encryption. For example:
>
>- suppose you're storing a hash of a password (good practice), rather than the password itself
>- if someone can read your table and read the 6-character hash value, it's not difficult with modern computing hardware to generate another password that yields the same hash value and would allow access to your program
>
>To give you an idea of the current state of cryptography, MD5 is considered "broken" these days i.e. it's not too difficult for someone with serious computing power to generate a plaintext that yields any desired MD5 hash value. MD5 gives a 32-character hex string, which is far more robust than just a 6-character hex string.

Thank you for the answer. The purpose is to generate a calculated password that varies through time. I ended up creating a function Num2Base36 that receives a CRC(hash(string)) and produces the desired 6 char PW. The PW is not to protect Fort Knox.
Previous
Reply
Map
View

Click here to load this message in the networking platform