679990dc4b
[UPDATED] Algorithm updated to reflect advice from randombit.net
cryptography list:
- Add in a salt (user name) to defeat rainbow tables.
- Add in a fixed string to scope the algorithm and avoid
colliding with someone else's similar or identical
algorithm (also helps protect against precalculated
rainbow tables).
- Use HMAC instead of plain SHA to avoid SHA weaknesses.
The old implementation wasn't vulnerable to extension
attacks or other known weaknesses, but HMAC is a safer
choice and will bring up less suspicion.
- Prefix strings by length as an extra precautionary
measure against possible bugs in hash functions.
|
||
|---|---|---|
| .. | ||
| apptentive@3b6635e131 | ||
| iCloudStoreManager@84c718a57d | ||
| InAppSettingsKit@3ae828f48a | ||
| Pearl@e55ef6876e | ||