VirtualTam's bookmarks

1. Breaking CityHash64, MurmurHash2/3, wyhash, and more... 2024-11-03

   tags: cryptography/hash, programming/c++

   [ permalink ]

   • Hash-flooding DoS reloaded: attacks and defenses (PDF)
2. The Copenhagen Book - General guidelines on implementing authentication and authorization in web applications 2024-04-05

   tags: cryptography/hash, memory/cache, network/http, network/http/cookie, programming/go, security/authentication, security/authorization, security/oauth, security/password

   [ permalink ]

   • pilcrowOnPaper/copenhagen
3. Bloom Filters 2024-03-31

   tags: cryptography/hash, data-structure/bloom-filter, memory/cache, programming/javascript, visualization

   [ permalink ]

   • Akamai - Algorithmic Nuggets in Content Delivery
   • Hashing
   • samwho/visualisations
4. haiti - Hash Type Identifier 2024-03-14

   tags: command-line, cryptography/hash, programming/ruby

   [ permalink ]
5. Storing hashes: bcrypt, pbkdf2, sha256-crypt, sha512-crypt 2021-01-03

   tags: cryptography, cryptography/hash, cryptography/hash/bcrypt, cryptography/hash/pbkdf2, cryptography/hash/sha, security/password

   [ permalink ]

   • https://security.stackexchange.com/questions/4781/do-any-security-experts-recommend-bcrypt-for-password-storage
   • https://security.stackexchange.com/questions/17421/how-to-store-salt
   • https://codahale.com/how-to-safely-store-a-password/
   • https://security.stackexchange.com/questions/133239/what-is-the-specific-reason-to-prefer-bcrypt-or-pbkdf2-over-sha256-crypt-in-pass
   • https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords/31846
6. hashcat - advanced password recovery 2019-11-04

   tags: cryptography/encryption, cryptography/hash, security, security/password

   [ permalink ]

   • https://hashcat.net/wiki/
   • https://github.com/hashcat/hashcat
7. A brief history of the UUID · Segment Blog 2019-05-30

   tags: address, cryptography/hash, cryptography/random, data, date, id, network, programming/go, telephone, unique

   [ permalink ]
8. amazon s3 - What is the purpose of the expiration time in signed S3 urls? - Information Security Stack Exchange 2019-01-10

   tags: cloud-computing/aws, cryptography, cryptography/hash, security, security/authorization

   [ permalink ]
9. mysql - What column type/length should I use for storing a Bcrypt hashed password in a Database? - Stack Overflow 2018-10-21

   tags: cryptography/hash, database, database/mariadb, database/mysql, programming/sql, security/password

   [ permalink ]

   • https://stackoverflow.com/questions/51008351/bcrypt-hashedsecret-too-short-to-be-a-bcrypted-password
   • https://stackoverflow.com/questions/247304/what-data-type-to-use-for-hashed-password-field-and-what-length
10. RabbitMQ - Password Hashing 2018-08-28

    tags: cryptography/hash, message-broker/rabbitmq, programming/python, security, security/authentication, security/password

    [ permalink ]

    • https://www.rabbitmq.com/passwords.html
    • https://stackoverflow.com/questions/41306350/how-to-generate-password-hash-for-rabbitmq-management-http-api
    • https://gist.github.com/christianclinton/faa1aef119a0919aeb2e
    • https://stackoverflow.com/questions/9594125/salt-and-hash-a-password-in-python
    • https://docs.python.org/3/library/hashlib.html
    • https://docs.python.org/3/library/base64.html
11. An Overview of Cryptography | Gary C. Kessler 2018-07-25

    tags: cipher, cryptography, cryptography/certificate, cryptography/encryption, cryptography/hash, security

    [ permalink ]

    • https://www.garykessler.net/library/securityurl.html
12. Counter-alchemists: please stop transforming blockchain fever into IT boredom 2018-03-27

    tags: blockchain, cryptography, cryptography/hash, data, digital, money, security

    [ permalink ]
13. Cracking Codes with Python 2018-01-25

    tags: cipher, cryptography, cryptography/hash, hack, programming/python

    [ permalink ]

    • https://www.reddit.com/r/Python/comments/7sigwp/my_new_book_cracking_codes_with_python_is_now/
14. pyca/cryptography: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. 2017-07-19

    tags: cipher, cryptography, cryptography/hash, programming/python

    [ permalink ]

    Use instead of:

    • https://github.com/Legrandin/pycryptodome
    • https://github.com/Legrandin/pycryptodome
15. appsec - How to securely hash passwords? - Information Security Stack Exchange 2017-05-15

    tags: cryptography/hash, cryptography/salt, database, security, security/password

    [ permalink ]
16. cryptography - Do any security experts recommend bcrypt for password storage? - Information Security Stack Exchange 2017-05-15

    tags: cipher, cryptography/hash, cryptography/hash/bcrypt, security, security/password

    [ permalink ]
17. SHAttered 2017-02-24

    tags: attack, checksum, collision, cryptography/hash, security, sha1, source-code-management/git

    [ permalink ]

    • https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html
    • https://arstechnica.com/security/2017/02/at-deaths-door-for-years-widely-used-sha1-function-is-now-dead/
    • https://news.ycombinator.com/item?id=13719368
    • https://github.com/peff/git/commits/jk/sha1dc
    • https://plus.google.com/+LinusTorvalds/posts/7tp2gYWQugL
18. How would git handle a SHA-1 collision on a blob? - Stack Overflow 2015-02-14

    tags: algorithm, code, collision, commit, cryptography/hash, patch, review, security, sha1, source-code-management/gerrit, source-code-management/git

    [ permalink ]

    • https://en.wikipedia.org/wiki/SHA-1
    • http://stackoverflow.com/questions/1867191/probability-of-sha1-collisions
    • http://en.wikipedia.org/wiki/Birthday_problem

    Some thoughts we had while toying with Gerrit, which artificially tracks different commits to group them as "patch sets", by using a Change-Id SHA-1 in the commit message:

    • https://gerrit-review.googlesource.com/Documentation/cmd-hook-commit-msg.html
    • https://gerrit.googlesource.com/git-repo/+/master/hooks/commit-msg
19. gitbrute: bruteforce a Git commit SHA-1 2015-02-14

    tags: collision, commit, cryptography/hash, sha1, source-code-management/git

    [ permalink ]

    Applied example: https://github.com/bradfitz/deadbeef

20. FIPS 180-1 - Secure Hash Standard 2013-08-18

    tags: cryptography/hash, cryptography/hash/sha, development, privacy, security

    [ permalink ]