Questions tagged [sha256]
SHA-256 is a hashing algorithm.
199 questions
4votes
2answers
647views
Are truncated SHA-256 hashes safe enough when collisions are not a risk?
Apologies if this is a duplicate, I’m having trouble even to find the right words for it. As far as I am aware, password authentication usually works in a way that the server stores a hash of the ...
- 153
3votes
1answer
194views
SHA-256: thoughts and experiment
Take the following sequence, for example: hello! = string a SHA-256 of a: ce06092fb948d9ffac7d1a376e404b26b7575bcc11ee05a4615fef4fec3a308b = b SHA-256 of b: ...
1vote
1answer
1kviews
Can SHA-256 be used as a crude replacement for cryptographic signing?
I’m planning out how I’m going to set up some diy smart outlets in my house, and I’m trying to decide the best way to make them at least mostly secure. My current plan is to use a public http server ...
- 121
8votes
2answers
1kviews
Revisiting: Pre-hash password before applying bcrypt to avoid restricting password length
Okta released a security advisory 4 days ago, stating that accounts with username longer than 52 characters can login with arbitrary password under specific conditions. Some people in X/Twitter ...
- 83
2votes
1answer
469views
What encryption algorithm is putty using?
I have setup an AlmaLinux9 server with SSHD. I have also generated a priv+pub key on my workstation, and when I check the algorithm used by my key it shows: ssh-keygen -l -f myprivatekey.pem 2048 ...
- 189
0votes
0answers
215views
BLE Challenge-Response Authentication Using Pre-Shared Key and SHA-256
I’m working on a Bluetooth Low Energy lock system and have implemented a challenge-response authentication flow for secure communication between the lock (an ESP32 device) and the user's phone. I'm ...
0votes
0answers
10views
What is the point of a gpg file alongside the hash of a Linux ISO download? [duplicate]
I use linux and tend to distro hop a lot. I've noticed often that the distributions offer that you verify the download with a sha256sum hash and a GPG key. My understanding is that a file, e.g. a ...
- 21
0votes
1answer
855views
JWT - Able to change signature and its still verified?
I just ran into something strange IMO. I created a RSA Key using nodejs cryptoutils to use with my JWT auth server. What I observer using jwt.io was the following: The last letter of the signature can ...
2votes
2answers
643views
Does a database with pre-calculated SHA256 values exist for Windows EXEs?
Background: At my place of work, we're trying to block all unapproved browsers on all Windows machines and the IT Security guys did a search on our internal infrastructure and came up with a list of ...
- 133
0votes
1answer
122views
Implications of SHA256 implementation producing false / unexpected hashes
I found that one of our programs uses an sha256 implementation, that produces different hashes for same inputs, compared to standard libraries (in this case compared to node:crypto and Web Crypto API. ...
- 135
-2votes
1answer
983views
Is it possible to bruteforce SHA256? [duplicate]
SHA256, 64 characters using only 0-9 or lowercase a-f Making 1.15792089E+77 total possible combinations. Is it possible to crack the input for its given hash?
- 1
0votes
1answer
787views
Generating a SHA-256 hash from the Linux command line
I know the string "03a34b99f22c790c4e36b2b3c2c35a36db06226e41c692fc82b8b56ac1c540c5bd" generates the SHA-256 hash 4c0b2d2f119a09b607cb273a745b2b0430d5192e0c4e536f932be5d1a6be5883 using https:...
15votes
6answers
9kviews
Is it possible to generate a file with a given sha256sum checksum?
Is it possible to generate a file with a given sha256sum checksum? That is, reverse the process of a sha256sum checksum. That is, if we have a checksum, can we generate txt file data (need not be ...
- 223
1vote
0answers
163views
The hash of kali-linux-2022.4-raspberry-pi-arm64.img.xz changed after burning it into an sd card
I was burning an iso file into the sd card with pi imager and I doubled checked the hash before the burning and after and I got different results sha256sum kali-linux-2022.4-raspberry-pi-arm64.img.xz ...
0votes
1answer
719views
Generating AES 256 key from ECDH P-384
Is there anything wrong with hashing(with SHA256) the shared secret generated by ECDH that is 384 bits long and using that as the AES key? Is there a difference between that and, say, truncating the ...
