• 12Nov

    PHP Tutorial 026: Hashing, not hacking.

    PHP Tutorials

    According to the PHP Security Consortium

    A hash (also called a hash code, digest, or message digest) can be thought of as the digital fingerprint of a piece of data. You can easily generate a fixed length hash for any text string using a one-way mathematical process. It is next to impossible to (efficiently) recover the original text from a hash alone. It is also vastly unlikely that any different text string will give you an identical hash – a ‘hash collision’. These properties make hashes ideally suited for storing your application’s passwords. Why? Because although an attacker may compromise a part of your system and reveal your list of password hashes, they can’t determine from the hashes alone what the real passwords are.

    I suggest that every PHP programmer get acquainted with hashing, as it can be very useful for recognizing valid data. I explain the simple usage in this two-part tutorial.
    You need flash to play this tutorial.
    This tutorial goes over the following goals:
    Showing the Use of Hashes
    Generating hashes
    The difference between certain algorithms
    You can find this tutorial video on youtube here.

    Hashing, not hacking Part 2You need flash to play this tutorial.
    This tutorial goes over the following goals:
    Showing the Use of Hashes
    Generating hashes
    The difference between certain algorithms
    You can find this tutorial video on youtube here.

    Here are the sources used in this tutorial:
    tut026.php
    <?php
//PHP tutorial 026: Hashing. (not hacking)
echo md5("I ate the dog");
echo sha1("I ate the dog");
echo "<br />";
echo hash('snefru','I ate the dog');
//use for password hashing in databases 

?>

    Here are all the php functions used in this tutorial:

    echo hash md5 sha1

    Posted by Kloplop321 @ 8:29 pm

Leave a Comment

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.