Sha256 output length makes no sense to me - hash

I've just played around with SHA256, and I've noticed something weird: the length of the hexdigest is 32 chars, each can be one of 16 different characters (0-9, a-f). Now correct me if I'm wrong, but this is not 256. 16*32 makes 512.
So... what am I missing here? Why the extra 16 letters?
Thanks in advance for your help.

First of all, this is not really my answer, it was #kelaka that set me stright on the path to an answer in the comment - so I'm not getting to excited about myself.
I was trying to calculate the number of options wrong, but multiplying 16 and 64 (the real length of a hash). If I calculated it the way it should have been - 16 ^ 64, I'd get a large number that is equal to 2^256, as can be seen in this code here:
>>> 16**64 == 2**256
True
Sorry for wasting everyone's time on me being stupid.

Related

Fill the tail of a literal with all 0's SystemVerilog

I am very new to SystemVerilog. I wanted to use quite a long literal as a mask. This literal, is supossed to be 18 bytes long and the only relevant part is on the most significant bytes, as the 14 least significant bytes need to be all 0's. Writing 'h00000FFC00000000000000000000000000 is quite tedious. Is there any better way to do it?
The streaming operator left justifies to the most significant bits.
dest = {>>{32'h0000_0FFC}};
The problem can be easily fixed using concatenation. For the example I showed in the question, it would be like this:
{32'h0000_0FFC, 112'b0}

Is it possible to calculate only a part of SHA512 hash? (C#)

I'm trying to solve a keygenme task. I found that there is a ulong value stored as a string. Hash is calculated using SHA512Managed and only 16 bytes of a 128 byte result matters. I need to find such a ulong value stored as a string that gives hash that has 16 specific bytes.
As I understand, SHA algorithm can't be reversed, thus the only possible solution is a brute-force approach. There are 18,446,744,073,709,551,616 possible ulong values which is quite a lot.
So, the question is "is it possible to calculate only 16 bytes oh hash in order to decrease calculation time?".
P.S. If you know another way to solve my task, please tell me. Thank you!
No, it is not. The algorithm rotates values so you cannot leave any part of it out when calculating.
Theoretically you could leave a small part out of the last round but that wouldn't have any real meaning to the time spent brute forcing.

Size of binary file after base64 encoding? Need explanation on the solution

So I'm studying for the upcoming exam, and there's this question: given a binary file with the size of 31 bytes what will its size be, after encoding it to base64?
The solution teacher gave us was (40 + 4) bytes as it needs to be a multiple of 4.
I'm not being able to come across this solution, and I have no idea how to solve this, so I was hoping somebody could help me figure this out.
Because base 64 encoding divide the input data in six bit block and one block use an ascii code.
If you have 31 byte in input you have 31*8/6 bit block to encode. As a rule of thumb every three byte in input you have 4 byte in output
If input data is not a multiple of six bit the base64 encoding fills the last block with 0 bit
In your example you have 42 block of six bit, with last filled with missing 0 bit.
Base 64 algorithm implementation filled the encoded data with '=' symbol in order to have of multiple of 4 as final result.

Is there any classic 3 byte fingerprint function?

I need a checksum/fingerprint function for short strings (say, 16 to 256 bytes) which fits in a 24 bits word. Is there any well known algorithm for that?
I propose to use a 24-bit CRC as an easy solution. CRCs are available in all lengths and always simple to compute. Wikipedia has a matching entry. The quality is far better than a modulo-reduced sum, because swapping characters will most likely produce a different CRC.
The next step (if it is a real threat to have a wrong string with the same checksum) would be a cryptographic MAC like CMAC. While this is too long out of the book, it can be reduced by taking the first 24 bits.
Simplest thing to do is a basic checksum - add up the bytes in the string, mod (2^24).
You have to watch out for character set issues when converting to bytes though, so everyone agrees on the same encoding of characters to bytes.

Is there an MD5 Fixed Point where md5(x) == x?

Is there a fixed point in the MD5 transformation, i.e. does there exist x such that md5(x) == x?
Since an MD5 sum is 128 bits long, any fixed point would necessarily also have to be 128 bits long. Assuming that the MD5 sum of any string is uniformly distributed over all possible sums, then the probability that any given 128-bit string is a fixed point is 1/2128.
Thus, the probability that no 128-bit string is a fixed point is (1 − 1/2128)2128, so the probability that there is a fixed point is 1 − (1 − 1/2128)2128.
Since the limit as n goes to infinity of (1 − 1/n)n is 1/e, and 2128 is most certainly a very large number, this probability is almost exactly 1 − 1/e ≈ 63.21%.
Of course, there is no randomness actually involved – either there is a fixed point or there isn't. But, we can be 63.21% confident that there is a fixed point. (Also, notice that this number does not depend on the size of the keyspace – if MD5 sums were 32 bits or 1024 bits, the answer would be the same, so long as it's larger than about 4 or 5 bits).
My brute force attempt found a 12 prefix and 12 suffix match.
prefix 12:
54db1011d76dc70a0a9df3ff3e0b390f -> 54db1011d76d137956603122ad86d762
suffix 12:
df12c1434cec7850a7900ce027af4b78 -> b2f6053087022898fe920ce027af4b78
Blog post:
https://plus.google.com/103541237243849171137/posts/SRxXrTMdrFN
Since the hash is irreversible, this would be very hard to figure out. The only way to solve this, would be to calculate the hash on every possible output of the hash, and see if you came up with a match.
To elaborate, there are 16 bytes in an MD5 hash. That means there are 2^(16*8) = 3.4 * 10 ^ 38 combinations. If it took 1 millisecond to compute a hash on a 16 byte value, it would take 10790283070806014188970529154.99 years to calculate all those hashes.
While I don't have a yes/no answer, my guess is "yes" and furthermore that there are maybe 2^32 such fixed points (for the bit-string interpretation, not the character-string intepretation). I'm actively working on this because it seems like an awesome, concise puzzle that will require a lot of creativity (if you don't settle for brute force search right away).
My approach is the following: treat it as a math problem. We have 128 boolean variables, and 128 equations describing the outputs in terms of the inputs (which are supposed to match). By plugging in all of the constants from the tables in the algorithm and the padding bits, my hope is that the equations can be greatly simplified to yield an algorithm optimized to the 128-bit input case. These simplified equations can then be programmed in some nice language for efficient search, or treated abstractly again, assigning single bits at a time, watching out for contraditions. You only need to see a few bits of the output to know that it is not matching the input!
Probably, but finding it would take longer than we have or would involve compromising MD5.
There are two interpretations, and if one is allowed to pick either, the probability of finding a fixed point increases to 81.5%.
Interpretation 1: does the MD5 of a MD5 output in binary match its input?
Interpretation 2: does the MD5 of a MD5 output in hex match its input?
Strictly speaking, since the input of MD5 is 512 bits long and the output is 128 bits, I would say that's impossible by definition.