I am having trouble understanding the following code from the golang crypto bcrypt repo func newFromHash(hashedSecret []byte) (*hashed, error) { if len(hashedSecret) < minHashSize { return nil...

In this cryptography post it says The chain can go as long as you want, until it hits the original input. When it hits that point, it will just repeat itself and it will be useless. So my star...

Anyone know why it is called rainbow table? Just remembered we have learned there is an attack called "dictionary attack". Why it is not call dictionary?

I've been looking around for encryption and I've seen several implementations of Rainbow Tables work like charm on passwords (say windows). I'm yet to see an implementation of a Rainbow atta...

I'm having some trouble understanding the purpose of a salt to a password. It's my understanding that the primary use is to hamper a rainbow table attack. However, the methods I've seen to implemen...

Possible Duplicate: md5 decoding. How they do it? this page suggests that a hash algorithm like md5() and sha1() can be reversed because of the huge processing power that we have nowa...

As I understand it, the best practice for generating salts is to use some cryptic formula (or even magic constant) stored in your source code. I'm working on a project that we plan on releasing as...

let's just assume a simple non salted hash function, just a plain old $hash = md5($pass). Premises: the password hashing all takes place server side, and the hashes are stored in the database. T...

I've carefully read about rainbow tables and can't get one thing. In order to build a hash chain a reduction function is used. It's a function that somehow maps hashes onto passwords. This article ...

In explanations I've read about public key cryptography, it is said that some large number is come up with by multiplying together 2 extremely large primes. Since factoring the product of large pri...

I've spent the past 2 hours reading up on salting passwords, making sure that I understood the idea. I was hoping some of you could share your knowledge on my conclusions. If I'm an attacker, and...

When we say dictionary attack, we don't really mean a real dictionary, do we? My guess is we mean a hacker's dictionary i.e. rainbow tables, right? My point is we're not talking about someone keyi...