## My Hash Algo(Finished)

The fear of every surveillance society: citizens protecting their own privacy with strong cryptography

### My Hash Algo(Finished)

Hello again! Finally I finished my algo and want to post it here first :3
I changed the algorithm. I used two operation; Modulo256 & XoR. It gives 52-bit(13 chars) output(Idon't know why 13 )
If you find an error on program please post below this topic so I can fix it. In fact see this as a challenge, try to crash program, try to make it give an error.. Also I'll share the source below If you could find a weak spot please let me know.(It's amateur coded )

Edit: I changed the algorithm a little to fix the vulnerability I found. So, php page won't give the same hash value with the programme.

Edit: Added Php code! (link to try: http://w5pages.com/conversion.php)

Thanks to WallShadow and not_essence2 who helped me about algorithm in my previous topic :3

Feel free to post your comments and suggestions

P.S: I want to make this algorithm in PHP so I could use it in websites' n etc. If you can help me contact with me via PM.

Here is a picture of program:

Virustotal results:https://www.virustotal.com/file/c3adc5f759f35da6291e5de685d56de77c9e1c889babe407bc7a4ae0d0d6b660/analysis/1353352868/

Download Link: http://w5pages.com/hash.exe

Source code(Made in VB.NET)

Code: Select all
`Public Function Convert_Hash(ByVal str As String)            Dim liste(str.Length - 1) As String            Dim Listbox1, Listbox2 As New ListBox            Dim part = 0            Dim sum = 0            Dim num = 0            Dim fillnum = 0            Dim num0 = 0            Dim modul = 0            Dim bin As String            Dim haash As String = ""            Listbox1.Items.Clear()            Listbox2.Items.Clear()            If part = 0 Then                For Each harf In str                    liste(num) = Asc(harf)                    num += 1                Next                part = 1            End If            If part = 1 Then                For Each item As Integer In liste                    sum += item                Next                fillnum = sum Mod 8                If str.Length < 16 Then                    str = str.PadRight(16, fillnum.ToString)                    part = 2                ElseIf str.Length > 16 Then                    str = str.Substring(0, 8)                    str = str.PadRight(16, fillnum.ToString)                    part = 2                Else                    part = 2                End If            End If            If part = 2 Then                For Each letter In str                    Listbox1.Items.Add(Asc(letter))                Next                Dim i As Integer = 0                While i < Listbox1.Items.Count                    Listbox1.SelectedIndex += 1                    num0 += Val(Listbox1.SelectedItem)                    modul = num0 Mod 256                    bin = DecimalToBinary(modul)                    If bin.Length < 8 Then                        bin = bin.PadLeft(8, "0")                    ElseIf bin.Length > 8 Then                        bin = bin.Substring(0, 8)                    End If                    Listbox2.Items.Add(bin.Substring(0, 1) Xor bin.Substring(1, 1))                    Listbox2.Items.Add(bin.Substring(2, 1) Xor bin.Substring(3, 1))                    Listbox2.Items.Add(bin.Substring(4, 1) Xor bin.Substring(5, 1))                    Listbox2.Items.Add(bin.Substring(6, 1) Xor bin.Substring(7, 1))                    i += 1                End While                part = 3            End If            If part = 3 Then                Dim s As Integer = 0                Dim lst As String = ""                While s < Listbox2.Items.Count                    Listbox2.SelectedIndex += 1                    lst += Listbox2.SelectedItem.ToString                    s += 1                End While                For i As Integer = 0 To 64                    Dim asc = Bin_To_Dec(lst.Substring(i, 4)) + 48                    haash += Chr(asc)                    i += 4                Next                part = 0            End If            Return haash        End Function`

Source Code (Javascript)

Code: Select all
`function Convert_Hash(str) {var modul = 0;var num0 = 0;var sum = 0;var haash = "";var lst = "";for(i = 0; i < str.length; i++) {var asciichr = str.charCodeAt(i);sum += asciichr;}var fillnum = sum % 8;if(str.length < 16) {str = padRight(str, 16, fillnum);}else if(str.length > 16) {str = str.substring(0, 8);str = str.padRight(str, 16, fillnum);}for(i = 0; i < str.length; i++) {num0 += str.charCodeAt(i);modul += num0 % 256;var bin = dec2bin(modul);if (bin.length < 8) {bin = padLeft(bin, 8, "0");}else if (bin.length > 8) {bin = bin.substring(0, 8);}lst += XOR(bin.substring(0, 1), bin.substring(1, 1));lst += XOR(bin.substring(2, 1), bin.substring(3, 1));lst += XOR(bin.substring(4, 1), bin.substring(5, 1));lst += XOR(bin.substring(6, 1), bin.substring(7, 1));}for(i = 0; i < 64; i += 4) {var asc = bin2dec(lst.substring(i, 4)) + 48;haash += fromCharCode(asc);}return haash;}`

Source Code (Php)

Code: Select all
`<?phpfunction Convert_Hash(\$str){\$sum = 0;\$num0 = 0;\$lst = "";\$haash = "";for(\$i = 0; \$i < strlen(\$str); \$i++){\$sum += ord(\$str[\$i]);}\$fillnum = \$sum % 8;if(strlen(\$str) < 16){\$str = str_pad(\$str, 16, \$fillnum, STR_PAD_RIGHT);}else if(strlen(\$str) > 16) {\$str = substr(\$str, 0, 8);\$str = str_pad(\$str, 16, \$fillnum, STR_PAD_RIGHT);}for(\$i = 0; \$i < strlen(\$str); \$i++){\$num0 += ord(\$str[\$i]);\$modul = \$num0 % 256;\$bin = decbin(\$modul);if(strlen(\$bin) < 8){\$bin = str_pad(\$bin, 8, "0", STR_PAD_LEFT);}elseif(strlen(\$bin) > 8){\$bin = substr(\$bin, 8);}\$lst = \$lst . strval(intval(\$bin[0]) ^ intval(\$bin[1]));\$lst = \$lst . strval(intval(\$bin[2]) ^ intval(\$bin[3]));\$lst = \$lst . strval(intval(\$bin[4]) ^ intval(\$bin[5]));\$lst = \$lst . strval(intval(\$bin[6]) ^ intval(\$bin[7]));}for(\$i = 0; \$i < 64; \$i += 4) {\$asc = bindec(substr(\$lst, \$i, 4)) + 48;\$haash = \$haash . chr(\$asc);}return \$haash;}?>                                                                   `

Pseucode

Code: Select all
`---Pseucode---s1> assign str as strings2> assign sum as integers3> for each letter in str add ascii value of letter to sums4> assign fillnum as integer = sum mod 8s5> if length of str less then 16 fill the str with fillnum else take the first 8 letter of str and fill the rest with fillnums6> for each letter in str take the ascii value of letter and add it to num0s7> assign modul as integer = num0 modulo 256s8> take the binary value of moduls9> split the binary two by two like 01, 10, 11, 00 and take the xor value of first number and second number for each piece (1 xor 0, 0 xor 1, 0 xor 0,...)s10>get the results of xor operations together and split them four by four.s11>convert values from binary to decimals12>find the char of (decimal_value + 48)s13>get together chars---------------`

I made it all by myself, except decimal-binary binary-decimal functions I took them from internet
Good Luck!
Last edited by barneystinson19 on Fri Nov 23, 2012 5:18 pm, edited 10 times in total.
"Ömür dediğin üç gündür, dün geldi geçti yarın meçhuldür…O halde ömür dediğin bir gündür,o da bugündür…."

barneystinson19
Experienced User

Posts: 50
Joined: Fri Nov 02, 2012 3:49 pm
Blog: View Blog (0)

### Re: My Hash Algo(Finished)

*Applause* I'm not sure if I'm ever going to get off my exceptionally lazy butt to do something like this.
not_essence2
Poster

Posts: 189
Joined: Fri Sep 14, 2012 6:09 pm
Blog: View Blog (0)

### Re: My Hash Algo(Finished)

Thank you :3 Did you find an error or weakness on program? Thanks for your support
"Ömür dediğin üç gündür, dün geldi geçti yarın meçhuldür…O halde ömür dediğin bir gündür,o da bugündür…."

barneystinson19
Experienced User

Posts: 50
Joined: Fri Nov 02, 2012 3:49 pm
Blog: View Blog (0)

### Re: My Hash Algo(Finished)

Don't ask from me. I'm really bad at programming, and I don't know a lot of the languages. Which is why I'm going to devote many hours this Thanksgiving break to stop being a virtual couch potato and start learning languages.
not_essence2
Poster

Posts: 189
Joined: Fri Sep 14, 2012 6:09 pm
Blog: View Blog (0)

### Re: My Hash Algo(Finished)

barneystinson19 wrote:Thank you :3 Did you find an error or weakness on program? Thanks for your support

I'd love to test out your algorithm but I honestly don't have time to reverse engineer VB apps. Would you mind providing it in something like C, Java, or maybe just pseudo code please?

WallShadow
Contributor

Posts: 686
Joined: Tue Mar 06, 2012 9:37 pm
Blog: View Blog (0)

### Re: My Hash Algo(Finished)

I sort of got two different strings with the same hash. Not sure what that means

xsvMix
New User

Posts: 30
Joined: Tue Sep 18, 2012 4:01 pm
Blog: View Blog (0)

### Re: My Hash Algo(Finished)

Hopefully xsvMix just had an error in recreating the string, because if that really happened, it defeats the fundamental purpose: Authenciation of a file. You take the file, hash it, and provide that hash publicly, so when somebody else downloads your file, and hash it in the same hash you used, they can check the hash you provided online with the has they have to make sure the file wasn't tampered with. That's why an "avalanche effect" (two similar strings producing very different hashes) is needed: to ensure authenciation goes smoothly. However, all hashes have a "collision", where two strings create the same hash. That means you can replace one string with the other and it won't look like it had been tampered with. The better a hash is, the less collisions it has, which means authenciation using that hash can be trusted more. If a collision has already been found, it is best to revise the hash. However.....
xsvMix- What do you mean you got two different strings with the same hash? Hashes are supposed to be one-way functions, which means it is impractical to get the string back from the hash.
not_essence2
Poster

Posts: 189
Joined: Fri Sep 14, 2012 6:09 pm
Blog: View Blog (0)

### Re: My Hash Algo(Finished)

WallShadow wrote:
barneystinson19 wrote:Thank you :3 Did you find an error or weakness on program? Thanks for your support

I'd love to test out your algorithm but I honestly don't have time to reverse engineer VB apps. Would you mind providing it in something like C, Java, or maybe just pseudo code please?

I don't know C or Java but added the pseucode, I can make the function in Javascript and add if it helps. Thanks again :3

Edit: I added Javascript code and Pseucode Good Luck :3

-- Wed Nov 21, 2012 11:27 am --

xsvMix wrote:I sort of got two different strings with the same hash. Not sure what that means

I agree with not_essence2 and what do you mean by you got two different strings with same hash? How did you reverse the hash? Or did you mean you got hash values of two different strings and two values are the same? If it's that can you write that two strings and the hash value ? I'll re-edit the algorithm if it has too many collisions. Thanks for your report :3
"Ömür dediğin üç gündür, dün geldi geçti yarın meçhuldür…O halde ömür dediğin bir gündür,o da bugündür…."

barneystinson19
Experienced User

Posts: 50
Joined: Fri Nov 02, 2012 3:49 pm
Blog: View Blog (0)

### Re: My Hash Algo(Finished)

Well I was messing around with the "hash.exe" file you provided. I just entered stuff to check what the results were. Then I found two slightly different inputs which generated the same hash.

xsvMix
New User

Posts: 30
Joined: Tue Sep 18, 2012 4:01 pm
Blog: View Blog (0)

### Re: My Hash Algo(Finished)

xsvMix wrote:Well I was messing around with the "hash.exe" file you provided. I just entered stuff to check what the results were. Then I found two slightly different inputs which generated the same hash.

I found a vulnerability on algorithm. I think thats what you got. Thanks, I'll make a Extbasic challange with this then fix the vuln. :3

-- Fri Nov 23, 2012 5:21 pm --

Fixed the vulnerability.
Changed the algorithm.
Added Php code and website.

Thanks for your supports :3
Good Luck!

-- Sat Nov 24, 2012 8:33 am --

Y no new comments
"Ömür dediğin üç gündür, dün geldi geçti yarın meçhuldür…O halde ömür dediğin bir gündür,o da bugündür…."

barneystinson19
Experienced User

Posts: 50
Joined: Fri Nov 02, 2012 3:49 pm
Blog: View Blog (0)

Next

Return to Crypto

### Who is online

Users browsing this forum: No registered users and 0 guests