SHA-256 is a hashing algorithm.
Questions tagged [sha256]
193 questions
33
votes
2 answers
SHA256 security: what does it mean that attacks have broken "46 of the 60 rounds of SHA256"?
Wikipedia reports
Currently, the best public attacks break 46 of the 64 rounds of SHA-256 or 46 of the 80 rounds of SHA-512.
What does this mean, and how safe is SHA-256 expected to be in the conceivable future? To a layperson, 46 out of 64 may…
Random Random
2
votes
1 answer
Attack on the custom token-based sha256 security scheme
I have token made as sha256("public text" + "secret value"), or any number of such tokens with the same "secret value" but different "public text". sha256 that is used is not salted - so that sha256-ing the same text will always produce the same…
Ivan Sopov
- 123
- 4
2
votes
1 answer
Time of working generating hash with sha2
It is fragment of pseudocode algorithm SHA2 from wikipedia:
break message into 512-bit chunks
for each chunk
create a 64-entry message schedule array w[0..63] of 32-bit words
For me, it means that time of working SHA2 algorithm depends on size…
SDasd
- 433
- 4
- 7
1
vote
1 answer
is it possible to find the original value of a hashed string, if you don't have the entire hash
I'm wondering if there is a faster way than bruteforcing to find the original contents of a string if you have/know:
60 % of the original string (30/50 characters)
the amount of characters the string has.
know a range of the 8 first possible…
user3499284
- 113
- 3
1
vote
2 answers
Possible to send password in plain text with SHA-256?
I just registered on a site where I had to specify sensitive information, eg. my card number. I got a confirmation mail where my password, the one I specified as my login password, was in plain text. I learned that password should NEVER be in plain…
Gulbanan
- 11
- 2
0
votes
2 answers
What should we expect of the SHA256 of a file's webpage vs. the one we get once we download the file?
I want to know whether the SHA256 of a file changes from being available for download to once we downloaded to a device.
For example, I got the URL…
u20210512
- 3
- 1
0
votes
1 answer
How many bits of security does a hash as a verifier provide?
Let's say I have a binary string s, that is generated by a cryptographically secure random byte generator, and a hash function SHA-256.
I am using the hash h=sha256(s) as a one-time password verifier and send it to the server, how many bits of…
Gamer2015
- 727
- 6
- 12
0
votes
1 answer
SHA256 hash can be used to decrypt data?
I have a backup script that encrypts everything using AES 256
Every day, I generate a random binary file as the password, and encrypt this random file with my public key.
Until now, I printed the SHA256 hash of the unencrypted file on the log, but…
Javier Loureiro
- 101
- 1
0
votes
2 answers
multiple call of gcry_md_write function
May be it 's not a question for information security stack exchange and if it's true excuse me for my mistake.
I want to understand how this code works:
char *s = "1";
char *s_2 = "2";
unsigned char *x;
gcry_md_hd_t h;
gcry_md_open(&h,…
MrSetplus
- 41
- 1
- 3
0
votes
3 answers
Is it easier to calculate a partial SHA256 collision than a full one?
Question: Disregarding brute-force, is it any easier to calculate a partial hash collision, in which only a certain number of bits match?
Reasoning: On many websites you find hashes for file downloads. That's nice for integrity checks from the…
Jens
- 319
- 2
- 12
0
votes
2 answers
Sha256 hash + secret GUID + RNGCrypto random number to hash passwords
I'm maintaining a website which uses Sha256 hashing of passwords.
The passwords are hashed with a GUID key, and a RNGCrypto generated random salt.
I'm just trying to understand the security risks associated with this scheme.
If an attacker is able…
user1751825
- 945
- 4
- 10
0
votes
1 answer
Find SHA256 if I only have part of the string
I need to find the SHA256 hash of s string like this: "part1-part2".
I know the SHA256 hash of part1 and I know what part2 represents, but I don't know what is the contents of part1.
Is there any chance I can compute the hash of the whole string…
Daniel
- 111
- 3