zach.rattner Posted August 3, 2008 Share Posted August 3, 2008 I did some research on hashing, and it looks like both md5() and sha1() can be reversed, given enough time and processing power. I wrote a function that (I think) would make it considerably more difficult to unhash a value. Do you think this is overkill? Are there any problems that jump out at you? Here is the code: <?php function hyper_hash($value) { for ($i = 0; $i < 100; $i++) { if ($i %2 == 0) { $value = sha1($value); } else if ($i %3 == 1) { $value = base64_encode($value); } else { $value = md5($value); } } return $value; } $initial = microtime(true); echo "\"12345\" hashed to: " . hyper_hash("12345"). "<br /><br />"; $final = microtime(true); $delta = $final - $initial; echo "Time taken: " . $delta . " s"; ?>Here's a page with this code running: [removed] Thanks for the feedback, Zach Link to comment https://forums.phpfreaks.com/topic/117998-hashing-method-feedback-wanted/ Share on other sites More sharing options...
lemmin Posted August 5, 2008 Share Posted August 5, 2008 The only possible way to "reverse" a hash is if the original string is found in a lookup table. I think your function is pretty unnecessary. You can get by hash lookups by just adding some known characters to the end of the string you are hashing and it becomes virtually unreversable. Link to comment https://forums.phpfreaks.com/topic/117998-hashing-method-feedback-wanted/#findComment-608803 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.