Another way to protect data

January 8, 2008 – 6:22 pm

I just got another idea on how to protect data :)

I got this idea from a response to my earlier post on using SHA-1 and MD5 together. This person said, why not use SHA-1 on an MD5 hash? I was about to rebuke him, but then I thought about it some more. And I thought that this could actually work.

I think that the trick to multiple hashings is to use a random sequence, and possibly multiple hashing algorithms. For example, using MD5(SHA1(MD5(data))) could work well in protecting your data, even if somebody got their hands on the resultant hashes. Unless they knew which algorithms were used and the exact sequence, they won’t be able to find the original data even by using a rainbow table.

UPDATE:
After some more careful thinking, I realise that this is still ineffective against rainbow tables, as anybody can find out which algorithm was used by looking at the length of the hash. The only thing this method of protection would do is to increase the time required to find the original data (which of course, is also useful).

Post a Comment

Persistent Browser-Based Games Blog is proudly powered by WordPress Entries (RSS) and Comments (RSS). Designed by Bob