zach.rattner Posted August 3, 2008 Share Posted August 3, 2008 (edited) I did some research on hashing, and it looks like both md5() and sha1() can be reversed, given enough time and processing power. I wrote a function that (I think) would make it considerably more difficult to unhash a value. Do you think this is overkill? Are there any problems that jump out at you? Here is the code: <?php function hyper_hash($value) { for ($i = 0; $i < 100; $i++) { if ($i %2 == 0) { $value = sha1($value); } else if ($i %3 == 1) { $value = base64_encode($value); } else { $value = md5($value); } } return $value; } $initial = microtime(true); echo "\"12345\" hashed to: " . hyper_hash("12345"). "<br /><br />"; $final = microtime(true); $delta = $final - $initial; echo "Time taken: " . $delta . " s"; ?>Here's a page with this code running: [removed] Thanks for the feedback, Zach Edited December 28, 2016 by requinix url doesn't work anymore Quote Link to comment https://forums.phpfreaks.com/topic/117998-hashing-method-feedback-wanted/ Share on other sites More sharing options...
lemmin Posted August 5, 2008 Share Posted August 5, 2008 The only possible way to "reverse" a hash is if the original string is found in a lookup table. I think your function is pretty unnecessary. You can get by hash lookups by just adding some known characters to the end of the string you are hashing and it becomes virtually unreversable. Quote Link to comment https://forums.phpfreaks.com/topic/117998-hashing-method-feedback-wanted/#findComment-608803 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.