TalkPHP - View Single Post

Village Idiot · 08-27-2009, 12:00 AM

1. Not necessarily. Salts have to turn a string no matter how small into a string (well, base-16 number in md5's and sha1's case) of a given size. The fewer characters the string is the more values overlap, but the larger the string is the more patterns it reveals that can allow it to be reverse-engineered.Keep in mind that these hashing functions are all advanced mathematical algorithms.

2. In a closed source app, there is no best way. Just attach something anywhere on the string and it will throw the entire hash out of whack.

08-27-2009, 12:00 AM	#2 (permalink)
Village Idiot Wizard Join Date: Sep 2007 Posts: 1,299 Thanks: 17	1. Not necessarily. Salts have to turn a string no matter how small into a string (well, base-16 number in md5's and sha1's case) of a given size. The fewer characters the string is the more values overlap, but the larger the string is the more patterns it reveals that can allow it to be reverse-engineered.Keep in mind that these hashing functions are all advanced mathematical algorithms. 2. In a closed source app, there is no best way. Just attach something anywhere on the string and it will throw the entire hash out of whack. __________________