# Questions tagged as ['sha-256']

I apologize in advance if this question has been answered already. However, I have not been able to find an existing answer - despite the case being pretty simple and common I imagine. Perhaps there is some terminology that I do not know making me miss the obvious.

So here goes:

Assume we repeatedly SHA256-hash a "secret" value concatenated with different numbers and let an adversary know the hashed ...

I have been playing with SHA-2-256 in Julia and I noticed that the hashes produced don't appear to follow a uniform distribution. My understanding of secure hashing algorithms is that they should approximate a uniform distribution well, so they are not predictable.

Here is the Julia code I'm using:

```
using BitIntegers, Distributions, HypothesisTests, Random, SHA
function sha256_rounds()
rounds::Arr ...
```

If I try to do `MD5(SHA256(input))`

, what is the strength of this so-called double hashing approach?

Is it as strong as SHA256, or as strong as MD5, or as strong as SHA256 + MD5?

This is not a homework question btw, I am asking because of a real issue in my project. By right, I only need to do `SHA256(input)`

on the input, and store it in a column in one MySQL table. But my practical concern is: SHA256 is o ...

I am working on an E2E encrypted app. I am using OpenPGP.js and storing public and private keys on the server. The private key is encrypted with a BIP39 passphrase which is stored in browser LocalStorage so it's never sent to a server. But I also need some credentials for users to login.

My idea is to make SHA256 from BIP39 passphrase and split it to two strings. First can be used for "username" ...

I am reading about bitcoin and I am a little confused about "elliptic curve function" and "SHA256". Do they have the same properties? Can both be used to generate private and public key pairs?

The following NodeJS code, when run (v16.8.0), logs `512`

to stdout.

```
const crypto = require("crypto");
const { privateKey } = crypto.generateKeyPairSync("rsa", {
modulusLength: 4096,
});
const sign = crypto.createSign("RSA-SHA256").update("somestringtosign");
const signature = sign.sign(privateKey);
console.log(signature.length); // logs 512
```

If I change the modulus length to `2048`

, then `256`

is logged ...

I am reading a textbook and in there they explain the property of hash functions. In particular, they give an example of how unlikely it would be to find a second input value that would match the hash output of the original input. Here's the example:

We show now how Oscar could turn his ability to find collisions (modifying two messages) into an attack. He starts with two messages, for instance:

I have a text sentence that consists of `448 digits [0-9] [a-f]`

*(in HEX format)*.

This text sentence is partially cut off, but I know the middle, and the beginning and end are damaged.

What I know is `322 known digits`

in the middle of a text sentence.

`74 unknown digits`

at the beginning

`52 unknown digits`

at the end

That is, the entire text * Size: 224 bytes* and it is hashed using the

**SHA256**hash algorith ...

I'm being asked to provide a solution for my internal customer. All network communication is internal and no applications nor their servers are accessible via the internet.

- REQUESTOR application will have a list of SSNs for 1000+ people that they need information for (different list of 1000+ each day).
- REPORTER application can run SQL queries and provide formatted output.
- DATAOWNER application has the ...

In "A Boolean Circuit for SHA-256" by Steven Goldfeder, the author gives a Boolean circuit for SHA-256. I find this method very complicated.

May I ask how to construct a Boolean circuit for a hash function? I mean, given an algorithm of a hash function, how to transform it into a circuit as in the article?

I am acquiring binary data from a sensor and storing it in a file. As each byte of data is read from the sensor, it goes into a SHA256 hash. The length of the acquired data stream varies from one session to another. It is possible that an individual sample having a binary value of 10000000 could be encountered in the input stream prior to the end of the session's stream. How does the SHA256 hash algorit ...

I have 12 bytes (5 fixed and 8 variable) of data that will be passed to SHA-256, at the end only the last 5 (most significant) bytes of the 20 generated are checked, is there a way to generate the 8 variable bytes to fake this type of SHA-256 check?

I am designing an web api which needs to grant access to various client apps via an api key sent as http header. I know, not really how it should be done but I have no control over this part.

My current design for api key: have 16 bytes for the app id (a guid) in the database + 16 bytes randomly generated (keybytes). Due to company policy I was asked not to store api keys in the db so I store a s ...

I am trying to analyse a "uniqueness" game around Schnorr signatures. The game is described in $\textbf{B.}$ and I try to provide in $\textbf{1.}$ and $\textbf{2.}$ some incomplete answers to resolve it. Is it possible to fully solve it? I have not used in my analysis a reduction to the DL problem; maybe is there a way to reduce the game to it? Apologies for the lack of cryptographic rigour and thanks a l ...

If you have a look at a certificate encrypting google.com it advertises a 256-bit ECC key with `ECDSA_P256`

parameter. The signature algorithm is sha256RSA. I've been trying to achieve something similar by running the below set of commands, but since the `-digest`

parameter I use is `-sha256`

the result is always sha256ECDSA signature algorithm. So the question is - how Google did that and is that achievable w ...

If someone found a scrambled BIP-39 24 word sequence how hard would it be to determine the correct sequence that yields someone's wallet.

Are there multiple different unique sequences of the same 24 words that will determine different bitcoin wallets?

How many?

Thanks

Usually one explains how the R1CS/QAPs and SNARKs work using examples of circuits with multiplication and addition nodes, and constructing polynomials from that is relatively straightforward. SHA-2 hashing uses complicated bit-wise arithmetic applied to itself multiple times, not simple multiplications and additions. How does one even construct a circuit to prove that a string hashes to a hash? Is there ...

I've heard about several instances where OSINT researchers were able to match user accounts from multiple data leaks purely based on their hashed passwords, assuming accounts had the same password on different sites. *(Yes, even when there were no other identifying characteristics, such as re-used usernames, re-used email addresses, browser fingerprints, or IPs.)*

As far as I know, these data leaks ...

Hash functions such as SHA-256 takes a binary string as input. Now given a hex string when we convert it to a normal text string the computed SHA-256 value would be the same. Herein lies my problem

Let us consider a simple string in hexadecimals `2E`

;
its SHA-256 value is `cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8`

.

When converted into byte form should we write `46`

or `046`

. In eit ...

For any bitcoin block we combine various Header fields to create a string which is an input to a 2 pass SHA algorithm. The resultant hash must match with the Hash in the Block header for the Block to be valid.

To test this logic as well as SHA algorithm, I used the header of Block number 695877 (https://blockchain.info/rawblock/695877?format=json) to create the Input string **04008020546c35998681264442 ...**

I am trying to code SHA256 from scratch to understand its implementation based on the wiki pseudo code as its clear enough. But I am running into problems with the calculation of W[i] for the first block. I am sure I am missing the logic somewhere. Given a data string of size 80 Bytes (in Hex): "**02000000aaf8ab82362344f49083ee4edef795362cf135293564c4070000000000000000c009bb6222e9bc4cdb8f26b2e8a2f8d16350969 ...**

If the SHA256 algorithm is public, why can't attackers use it to create more collisions rendering the algorithm useless?

First, we consider those hash functions that can actually provide 256-bit pre-image security, and not something like `SHAKE128<l=256bits>`

where the sponge parameters provides only a security capacity of 128-bit.

We know that cryptanalysis doesn't have just a time dimension - it also has a space dimension, i.e. the amount of working memory needed to execute the cryptanalysis algorithm. So if we expe ...

I found only the abstract and tables of this paper https://dl.acm.org/doi/abs/10.1145/3409501.3409513

From the abstract

*In this paper, the researchers proved that the modified SHA256 is viable to length extension, brute-force and dictionary attacks. Randomness tests also showed uniform random distribution of the hashes generated by the modified SHA256*

The meaning of each randomness test:

Monobit

Alice split a long string P into two segments A and B. A is relatively short and B is long.

`H = sha256(A + B)`

Bob does not know P, but knows H.

Is it possible for Alice to prove to Bob that A is the prefix of P, but only needs to provide additional information **much shorter** than B?

# The Setup

I have a table of values for which I need to compute a *salted hash* for each table-*cell* value. Furthermore, I need the salt for each table cell to be *unique* and *unpredictable*. (I can explain what motivates this need later, but for now I don't want to distract from the problem statement.)

Now I don't want to add an extra column per existing column in a table just to store this unique, per-cell ...