## My Hash Algo(Finished)

The fear of every surveillance society: citizens protecting their own privacy with strong cryptography

### My Hash Algo(Finished)

Hello again! Finally I finished my algo and want to post it here first :3
I changed the algorithm. I used two operation; Modulo256 & XoR. It gives 52-bit(13 chars) output(Idon't know why 13 )
If you find an error on program please post below this topic so I can fix it. In fact see this as a challenge, try to crash program, try to make it give an error.. Also I'll share the source below If you could find a weak spot please let me know.(It's amateur coded )

Edit: I changed the algorithm a little to fix the vulnerability I found. So, php page won't give the same hash value with the programme.

Thanks to WallShadow and not_essence2 who helped me about algorithm in my previous topic :3

P.S: I want to make this algorithm in PHP so I could use it in websites' n etc. If you can help me contact with me via PM.

Here is a picture of program:

Code: Select all
Public Function Convert_Hash(ByVal str As String)
Dim liste(str.Length - 1) As String
Dim Listbox1, Listbox2 As New ListBox
Dim part = 0
Dim sum = 0
Dim num = 0
Dim fillnum = 0
Dim num0 = 0
Dim modul = 0
Dim bin As String
Dim haash As String = ""
Listbox1.Items.Clear()
Listbox2.Items.Clear()
If part = 0 Then
For Each harf In str
liste(num) = Asc(harf)
num += 1
Next
part = 1
End If
If part = 1 Then
For Each item As Integer In liste
sum += item
Next

fillnum = sum Mod 8

If str.Length < 16 Then
part = 2
ElseIf str.Length > 16 Then
str = str.Substring(0, 8)
part = 2
Else
part = 2
End If
End If

If part = 2 Then
For Each letter In str
Next
Dim i As Integer = 0
While i < Listbox1.Items.Count
Listbox1.SelectedIndex += 1
num0 += Val(Listbox1.SelectedItem)
modul = num0 Mod 256
bin = DecimalToBinary(modul)
If bin.Length < 8 Then
ElseIf bin.Length > 8 Then
bin = bin.Substring(0, 8)
End If
i += 1
End While
part = 3
End If

If part = 3 Then
Dim s As Integer = 0
Dim lst As String = ""
While s < Listbox2.Items.Count
Listbox2.SelectedIndex += 1
lst += Listbox2.SelectedItem.ToString
s += 1
End While

For i As Integer = 0 To 64
Dim asc = Bin_To_Dec(lst.Substring(i, 4)) + 48
haash += Chr(asc)
i += 4
Next
part = 0
End If

Return haash

End Function

Source Code (Javascript)

Code: Select all
function Convert_Hash(str) {
var modul = 0;
var num0 = 0;
var sum = 0;
var haash = "";
var lst = "";
for(i = 0; i < str.length; i++) {
var asciichr = str.charCodeAt(i);
sum += asciichr;
}
var fillnum = sum % 8;

if(str.length < 16) {
}
else if(str.length > 16) {
str = str.substring(0, 8);
}

for(i = 0; i < str.length; i++) {
num0 += str.charCodeAt(i);
modul += num0 % 256;
var bin = dec2bin(modul);
if (bin.length < 8) {
}
else if (bin.length > 8) {
bin = bin.substring(0, 8);
}
lst += XOR(bin.substring(0, 1), bin.substring(1, 1));
lst += XOR(bin.substring(2, 1), bin.substring(3, 1));
lst += XOR(bin.substring(4, 1), bin.substring(5, 1));
lst += XOR(bin.substring(6, 1), bin.substring(7, 1));
}

for(i = 0; i < 64; i += 4) {
var asc = bin2dec(lst.substring(i, 4)) + 48;
haash += fromCharCode(asc);
}
return haash;
}

Source Code (Php)

Code: Select all
<?php
function Convert_Hash(\$str){
\$sum = 0;
\$num0 = 0;
\$lst = "";
\$haash = "";
for(\$i = 0; \$i < strlen(\$str); \$i++){
\$sum += ord(\$str[\$i]);
}
\$fillnum = \$sum % 8;

if(strlen(\$str) < 16){
}
else if(strlen(\$str) > 16) {
\$str = substr(\$str, 0, 8);
}

for(\$i = 0; \$i < strlen(\$str); \$i++){
\$num0 += ord(\$str[\$i]);
\$modul = \$num0 % 256;
\$bin = decbin(\$modul);
if(strlen(\$bin) < 8){
}elseif(strlen(\$bin) > 8){
\$bin = substr(\$bin, 8);
}
\$lst = \$lst . strval(intval(\$bin[0]) ^ intval(\$bin[1]));
\$lst = \$lst . strval(intval(\$bin[2]) ^ intval(\$bin[3]));
\$lst = \$lst . strval(intval(\$bin[4]) ^ intval(\$bin[5]));
\$lst = \$lst . strval(intval(\$bin[6]) ^ intval(\$bin[7]));
}

for(\$i = 0; \$i < 64; \$i += 4) {
\$asc = bindec(substr(\$lst, \$i, 4)) + 48;
\$haash = \$haash . chr(\$asc);
}
return \$haash;
}

?>

Pseucode

Code: Select all
---Pseucode---
s1> assign str as string
s2> assign sum as integer
s3> for each letter in str add ascii value of letter to sum
s4> assign fillnum as integer = sum mod 8
s5> if length of str less then 16 fill the str with fillnum else take the first 8 letter of str and fill the rest with fillnum
s6> for each letter in str take the ascii value of letter and add it to num0
s7> assign modul as integer = num0 modulo 256
s8> take the binary value of modul
s9> split the binary two by two like 01, 10, 11, 00 and take the xor value of first number and second number for each piece (1 xor 0, 0 xor 1, 0 xor 0,...)
s10>get the results of xor operations together and split them four by four.
s11>convert values from binary to decimal
s12>find the char of (decimal_value + 48)
s13>get together chars
---------------

I made it all by myself, except decimal-binary binary-decimal functions I took them from internet
Good Luck!
Last edited by barneystinson19 on Fri Nov 23, 2012 5:18 pm, edited 10 times in total.
"Ömür dediğin üç gündür, dün geldi geçti yarın meçhuldür…O halde ömür dediğin bir gündür,o da bugündür…."

barneystinson19
Experienced User

Posts: 50
Joined: Fri Nov 02, 2012 3:49 pm
Blog: View Blog (0)

### Re: My Hash Algo(Finished)

*Applause* I'm not sure if I'm ever going to get off my exceptionally lazy butt to do something like this.
not_essence2
Poster

Posts: 189
Joined: Fri Sep 14, 2012 6:09 pm
Blog: View Blog (0)

### Re: My Hash Algo(Finished)

Thank you :3 Did you find an error or weakness on program? Thanks for your support
"Ömür dediğin üç gündür, dün geldi geçti yarın meçhuldür…O halde ömür dediğin bir gündür,o da bugündür…."

barneystinson19
Experienced User

Posts: 50
Joined: Fri Nov 02, 2012 3:49 pm
Blog: View Blog (0)

### Re: My Hash Algo(Finished)

Don't ask from me. I'm really bad at programming, and I don't know a lot of the languages. Which is why I'm going to devote many hours this Thanksgiving break to stop being a virtual couch potato and start learning languages.
not_essence2
Poster

Posts: 189
Joined: Fri Sep 14, 2012 6:09 pm
Blog: View Blog (0)

### Re: My Hash Algo(Finished)

barneystinson19 wrote:Thank you :3 Did you find an error or weakness on program? Thanks for your support

I'd love to test out your algorithm but I honestly don't have time to reverse engineer VB apps. Would you mind providing it in something like C, Java, or maybe just pseudo code please?

Contributor

Posts: 686
Joined: Tue Mar 06, 2012 9:37 pm
Blog: View Blog (0)

### Re: My Hash Algo(Finished)

I sort of got two different strings with the same hash. Not sure what that means

xsvMix
New User

Posts: 30
Joined: Tue Sep 18, 2012 4:01 pm
Blog: View Blog (0)

### Re: My Hash Algo(Finished)

Hopefully xsvMix just had an error in recreating the string, because if that really happened, it defeats the fundamental purpose: Authenciation of a file. You take the file, hash it, and provide that hash publicly, so when somebody else downloads your file, and hash it in the same hash you used, they can check the hash you provided online with the has they have to make sure the file wasn't tampered with. That's why an "avalanche effect" (two similar strings producing very different hashes) is needed: to ensure authenciation goes smoothly. However, all hashes have a "collision", where two strings create the same hash. That means you can replace one string with the other and it won't look like it had been tampered with. The better a hash is, the less collisions it has, which means authenciation using that hash can be trusted more. If a collision has already been found, it is best to revise the hash. However.....
xsvMix- What do you mean you got two different strings with the same hash? Hashes are supposed to be one-way functions, which means it is impractical to get the string back from the hash.
not_essence2
Poster

Posts: 189
Joined: Fri Sep 14, 2012 6:09 pm
Blog: View Blog (0)

### Re: My Hash Algo(Finished)

barneystinson19 wrote:Thank you :3 Did you find an error or weakness on program? Thanks for your support

I'd love to test out your algorithm but I honestly don't have time to reverse engineer VB apps. Would you mind providing it in something like C, Java, or maybe just pseudo code please?

I don't know C or Java but added the pseucode, I can make the function in Javascript and add if it helps. Thanks again :3

Edit: I added Javascript code and Pseucode Good Luck :3

-- Wed Nov 21, 2012 11:27 am --

xsvMix wrote:I sort of got two different strings with the same hash. Not sure what that means

I agree with not_essence2 and what do you mean by you got two different strings with same hash? How did you reverse the hash? Or did you mean you got hash values of two different strings and two values are the same? If it's that can you write that two strings and the hash value ? I'll re-edit the algorithm if it has too many collisions. Thanks for your report :3
"Ömür dediğin üç gündür, dün geldi geçti yarın meçhuldür…O halde ömür dediğin bir gündür,o da bugündür…."

barneystinson19
Experienced User

Posts: 50
Joined: Fri Nov 02, 2012 3:49 pm
Blog: View Blog (0)

### Re: My Hash Algo(Finished)

Well I was messing around with the "hash.exe" file you provided. I just entered stuff to check what the results were. Then I found two slightly different inputs which generated the same hash.

xsvMix
New User

Posts: 30
Joined: Tue Sep 18, 2012 4:01 pm
Blog: View Blog (0)

### Re: My Hash Algo(Finished)

xsvMix wrote:Well I was messing around with the "hash.exe" file you provided. I just entered stuff to check what the results were. Then I found two slightly different inputs which generated the same hash.

I found a vulnerability on algorithm. I think thats what you got. Thanks, I'll make a Extbasic challange with this then fix the vuln. :3

-- Fri Nov 23, 2012 5:21 pm --

Fixed the vulnerability.
Changed the algorithm.

Good Luck!

-- Sat Nov 24, 2012 8:33 am --

"Ömür dediğin üç gündür, dün geldi geçti yarın meçhuldür…O halde ömür dediğin bir gündür,o da bugündür…."

barneystinson19
Experienced User

Posts: 50
Joined: Fri Nov 02, 2012 3:49 pm
Blog: View Blog (0)

Next