679990dc4b
[UPDATED] Algorithm updated to reflect advice from randombit.net cryptography list: - Add in a salt (user name) to defeat rainbow tables. - Add in a fixed string to scope the algorithm and avoid colliding with someone else's similar or identical algorithm (also helps protect against precalculated rainbow tables). - Use HMAC instead of plain SHA to avoid SHA weaknesses. The old implementation wasn't vulnerable to extension attacks or other known weaknesses, but HMAC is a safer choice and will bring up less suspicion. - Prefix strings by length as an extra precautionary measure against possible bugs in hash functions. |
||
---|---|---|
.. | ||
apptentive@3b6635e131 | ||
iCloudStoreManager@84c718a57d | ||
InAppSettingsKit@3ae828f48a | ||
Pearl@e55ef6876e |