My Hash Algo(Finished)

The fear of every surveillance society: citizens protecting their own privacy with strong cryptography

My Hash Algo(Finished)

Post by barneystinson19 on Mon Nov 19, 2012 2:55 pm
([msg=71102]see My Hash Algo(Finished)[/msg])

Hello again! Finally I finished my algo and want to post it here first :3
I changed the algorithm. I used two operation; Modulo256 & XoR. It gives 52-bit(13 chars) output(Idon't know why 13 :D)
If you find an error on program please post below this topic so I can fix it. In fact see this as a challenge, try to crash program, try to make it give an error.. Also I'll share the source below If you could find a weak spot please let me know.(It's amateur coded :P)

Edit: I changed the algorithm a little to fix the vulnerability I found. So, php page won't give the same hash value with the programme.

Edit: Added Php code! (link to try: http://w5pages.com/conversion.php)

Thanks to WallShadow and not_essence2 who helped me about algorithm in my previous topic :3

Feel free to post your comments and suggestions :)

P.S: I want to make this algorithm in PHP so I could use it in websites' n etc. If you can help me contact with me via PM.

Here is a picture of program:
Image

Virustotal results:https://www.virustotal.com/file/c3adc5f759f35da6291e5de685d56de77c9e1c889babe407bc7a4ae0d0d6b660/analysis/1353352868/

Download Link: http://w5pages.com/hash.exe

Source code(Made in VB.NET)

Code: Select all
Public Function Convert_Hash(ByVal str As String)
            Dim liste(str.Length - 1) As String
            Dim Listbox1, Listbox2 As New ListBox
            Dim part = 0
            Dim sum = 0
            Dim num = 0
            Dim fillnum = 0
            Dim num0 = 0
            Dim modul = 0
            Dim bin As String
            Dim haash As String = ""
            Listbox1.Items.Clear()
            Listbox2.Items.Clear()
            If part = 0 Then
                For Each harf In str
                    liste(num) = Asc(harf)
                    num += 1
                Next
                part = 1
            End If
            If part = 1 Then
                For Each item As Integer In liste
                    sum += item
                Next

                fillnum = sum Mod 8

                If str.Length < 16 Then
                    str = str.PadRight(16, fillnum.ToString)
                    part = 2
                ElseIf str.Length > 16 Then
                    str = str.Substring(0, 8)
                    str = str.PadRight(16, fillnum.ToString)
                    part = 2
                Else
                    part = 2
                End If
            End If

            If part = 2 Then
                For Each letter In str
                    Listbox1.Items.Add(Asc(letter))
                Next
                Dim i As Integer = 0
                While i < Listbox1.Items.Count
                    Listbox1.SelectedIndex += 1
                    num0 += Val(Listbox1.SelectedItem)
                    modul = num0 Mod 256
                    bin = DecimalToBinary(modul)
                    If bin.Length < 8 Then
                        bin = bin.PadLeft(8, "0")
                    ElseIf bin.Length > 8 Then
                        bin = bin.Substring(0, 8)
                    End If
                    Listbox2.Items.Add(bin.Substring(0, 1) Xor bin.Substring(1, 1))
                    Listbox2.Items.Add(bin.Substring(2, 1) Xor bin.Substring(3, 1))
                    Listbox2.Items.Add(bin.Substring(4, 1) Xor bin.Substring(5, 1))
                    Listbox2.Items.Add(bin.Substring(6, 1) Xor bin.Substring(7, 1))
                    i += 1
                End While
                part = 3
            End If

            If part = 3 Then
                Dim s As Integer = 0
                Dim lst As String = ""
                While s < Listbox2.Items.Count
                    Listbox2.SelectedIndex += 1
                    lst += Listbox2.SelectedItem.ToString
                    s += 1
                End While

                For i As Integer = 0 To 64
                    Dim asc = Bin_To_Dec(lst.Substring(i, 4)) + 48
                    haash += Chr(asc)
                    i += 4
                Next
                part = 0
            End If

            Return haash

        End Function


Source Code (Javascript)

Code: Select all
function Convert_Hash(str) {
var modul = 0;
var num0 = 0;
var sum = 0;
var haash = "";
var lst = "";
for(i = 0; i < str.length; i++) {
var asciichr = str.charCodeAt(i);
sum += asciichr;
}
var fillnum = sum % 8;

if(str.length < 16) {
str = padRight(str, 16, fillnum);
}
else if(str.length > 16) {
str = str.substring(0, 8);
str = str.padRight(str, 16, fillnum);
}

for(i = 0; i < str.length; i++) {
num0 += str.charCodeAt(i);
modul += num0 % 256;
var bin = dec2bin(modul);
if (bin.length < 8) {
bin = padLeft(bin, 8, "0");
}
else if (bin.length > 8) {
bin = bin.substring(0, 8);
}
lst += XOR(bin.substring(0, 1), bin.substring(1, 1));
lst += XOR(bin.substring(2, 1), bin.substring(3, 1));
lst += XOR(bin.substring(4, 1), bin.substring(5, 1));
lst += XOR(bin.substring(6, 1), bin.substring(7, 1));
}

for(i = 0; i < 64; i += 4) {
var asc = bin2dec(lst.substring(i, 4)) + 48;
haash += fromCharCode(asc);
}
return haash;
}


Source Code (Php)

Code: Select all
<?php
function Convert_Hash($str){
$sum = 0;
$num0 = 0;
$lst = "";
$haash = "";
for($i = 0; $i < strlen($str); $i++){
$sum += ord($str[$i]);
}
$fillnum = $sum % 8;

if(strlen($str) < 16){
$str = str_pad($str, 16, $fillnum, STR_PAD_RIGHT);
}
else if(strlen($str) > 16) {
$str = substr($str, 0, 8);
$str = str_pad($str, 16, $fillnum, STR_PAD_RIGHT);
}

for($i = 0; $i < strlen($str); $i++){
$num0 += ord($str[$i]);
$modul = $num0 % 256;
$bin = decbin($modul);
if(strlen($bin) < 8){
$bin = str_pad($bin, 8, "0", STR_PAD_LEFT);
}elseif(strlen($bin) > 8){
$bin = substr($bin, 8);
}
$lst = $lst . strval(intval($bin[0]) ^ intval($bin[1]));
$lst = $lst . strval(intval($bin[2]) ^ intval($bin[3]));
$lst = $lst . strval(intval($bin[4]) ^ intval($bin[5]));
$lst = $lst . strval(intval($bin[6]) ^ intval($bin[7]));
}

for($i = 0; $i < 64; $i += 4) {
$asc = bindec(substr($lst, $i, 4)) + 48;
$haash = $haash . chr($asc);
}
return $haash;
}

?>                                                                   


Pseucode

Code: Select all
---Pseucode---
s1> assign str as string
s2> assign sum as integer
s3> for each letter in str add ascii value of letter to sum
s4> assign fillnum as integer = sum mod 8
s5> if length of str less then 16 fill the str with fillnum else take the first 8 letter of str and fill the rest with fillnum
s6> for each letter in str take the ascii value of letter and add it to num0
s7> assign modul as integer = num0 modulo 256
s8> take the binary value of modul
s9> split the binary two by two like 01, 10, 11, 00 and take the xor value of first number and second number for each piece (1 xor 0, 0 xor 1, 0 xor 0,...)
s10>get the results of xor operations together and split them four by four.
s11>convert values from binary to decimal
s12>find the char of (decimal_value + 48)
s13>get together chars
---------------


I made it all by myself, except decimal-binary binary-decimal functions I took them from internet :P
Good Luck!
Last edited by barneystinson19 on Fri Nov 23, 2012 5:18 pm, edited 10 times in total.
"Ömür dediğin üç gündür, dün geldi geçti yarın meçhuldür…O halde ömür dediğin bir gündür,o da bugündür…."
User avatar
barneystinson19
Experienced User
Experienced User
 
Posts: 50
Joined: Fri Nov 02, 2012 3:49 pm
Blog: View Blog (0)


Re: My Hash Algo(Finished)

Post by not_essence2 on Mon Nov 19, 2012 4:45 pm
([msg=71106]see Re: My Hash Algo(Finished)[/msg])

*Applause* I'm not sure if I'm ever going to get off my exceptionally lazy butt to do something like this.
not_essence2
Poster
Poster
 
Posts: 189
Joined: Fri Sep 14, 2012 6:09 pm
Blog: View Blog (0)


Re: My Hash Algo(Finished)

Post by barneystinson19 on Tue Nov 20, 2012 8:33 am
([msg=71127]see Re: My Hash Algo(Finished)[/msg])

Thank you :3 Did you find an error or weakness on program? Thanks for your support :)
"Ömür dediğin üç gündür, dün geldi geçti yarın meçhuldür…O halde ömür dediğin bir gündür,o da bugündür…."
User avatar
barneystinson19
Experienced User
Experienced User
 
Posts: 50
Joined: Fri Nov 02, 2012 3:49 pm
Blog: View Blog (0)


Re: My Hash Algo(Finished)

Post by not_essence2 on Tue Nov 20, 2012 10:08 pm
([msg=71156]see Re: My Hash Algo(Finished)[/msg])

Don't ask from me. I'm really bad at programming, and I don't know a lot of the languages. Which is why I'm going to devote many hours this Thanksgiving break to stop being a virtual couch potato and start learning languages.
not_essence2
Poster
Poster
 
Posts: 189
Joined: Fri Sep 14, 2012 6:09 pm
Blog: View Blog (0)


Re: My Hash Algo(Finished)

Post by WallShadow on Wed Nov 21, 2012 1:09 am
([msg=71165]see Re: My Hash Algo(Finished)[/msg])

barneystinson19 wrote:Thank you :3 Did you find an error or weakness on program? Thanks for your support :)


I'd love to test out your algorithm but I honestly don't have time to reverse engineer VB apps. Would you mind providing it in something like C, Java, or maybe just pseudo code please?
User avatar
WallShadow
Contributor
Contributor
 
Posts: 621
Joined: Tue Mar 06, 2012 9:37 pm
Blog: View Blog (0)


Re: My Hash Algo(Finished)

Post by xsvMix on Wed Nov 21, 2012 9:38 am
([msg=71169]see Re: My Hash Algo(Finished)[/msg])

I sort of got two different strings with the same hash. Not sure what that means :?
User avatar
xsvMix
New User
New User
 
Posts: 30
Joined: Tue Sep 18, 2012 4:01 pm
Blog: View Blog (0)


Re: My Hash Algo(Finished)

Post by not_essence2 on Wed Nov 21, 2012 10:04 am
([msg=71172]see Re: My Hash Algo(Finished)[/msg])

Hopefully xsvMix just had an error in recreating the string, because if that really happened, it defeats the fundamental purpose: Authenciation of a file. You take the file, hash it, and provide that hash publicly, so when somebody else downloads your file, and hash it in the same hash you used, they can check the hash you provided online with the has they have to make sure the file wasn't tampered with. That's why an "avalanche effect" (two similar strings producing very different hashes) is needed: to ensure authenciation goes smoothly. However, all hashes have a "collision", where two strings create the same hash. That means you can replace one string with the other and it won't look like it had been tampered with. The better a hash is, the less collisions it has, which means authenciation using that hash can be trusted more. If a collision has already been found, it is best to revise the hash. However.....
xsvMix- What do you mean you got two different strings with the same hash? Hashes are supposed to be one-way functions, which means it is impractical to get the string back from the hash.
not_essence2
Poster
Poster
 
Posts: 189
Joined: Fri Sep 14, 2012 6:09 pm
Blog: View Blog (0)


Re: My Hash Algo(Finished)

Post by barneystinson19 on Wed Nov 21, 2012 11:17 am
([msg=71176]see Re: My Hash Algo(Finished)[/msg])

WallShadow wrote:
barneystinson19 wrote:Thank you :3 Did you find an error or weakness on program? Thanks for your support :)


I'd love to test out your algorithm but I honestly don't have time to reverse engineer VB apps. Would you mind providing it in something like C, Java, or maybe just pseudo code please?


I don't know C or Java but added the pseucode, I can make the function in Javascript and add if it helps. Thanks again :3

Edit: I added Javascript code and Pseucode Good Luck :3

-- Wed Nov 21, 2012 11:27 am --

xsvMix wrote:I sort of got two different strings with the same hash. Not sure what that means :?


I agree with not_essence2 and what do you mean by you got two different strings with same hash? How did you reverse the hash? Or did you mean you got hash values of two different strings and two values are the same? If it's that can you write that two strings and the hash value ? I'll re-edit the algorithm if it has too many collisions. Thanks for your report :3
"Ömür dediğin üç gündür, dün geldi geçti yarın meçhuldür…O halde ömür dediğin bir gündür,o da bugündür…."
User avatar
barneystinson19
Experienced User
Experienced User
 
Posts: 50
Joined: Fri Nov 02, 2012 3:49 pm
Blog: View Blog (0)


Re: My Hash Algo(Finished)

Post by xsvMix on Thu Nov 22, 2012 9:59 am
([msg=71216]see Re: My Hash Algo(Finished)[/msg])

Well I was messing around with the "hash.exe" file you provided. I just entered stuff to check what the results were. Then I found two slightly different inputs which generated the same hash.
User avatar
xsvMix
New User
New User
 
Posts: 30
Joined: Tue Sep 18, 2012 4:01 pm
Blog: View Blog (0)


Re: My Hash Algo(Finished)

Post by barneystinson19 on Thu Nov 22, 2012 1:12 pm
([msg=71222]see Re: My Hash Algo(Finished)[/msg])

xsvMix wrote:Well I was messing around with the "hash.exe" file you provided. I just entered stuff to check what the results were. Then I found two slightly different inputs which generated the same hash.


I found a vulnerability on algorithm. I think thats what you got. Thanks, I'll make a Extbasic challange with this then fix the vuln. :3

-- Fri Nov 23, 2012 5:21 pm --

Fixed the vulnerability.
Changed the algorithm.
Added Php code and website.

Thanks for your supports :3
Good Luck!

-- Sat Nov 24, 2012 8:33 am --

Y no new comments :?
"Ömür dediğin üç gündür, dün geldi geçti yarın meçhuldür…O halde ömür dediğin bir gündür,o da bugündür…."
User avatar
barneystinson19
Experienced User
Experienced User
 
Posts: 50
Joined: Fri Nov 02, 2012 3:49 pm
Blog: View Blog (0)


Next

Return to Crypto

Who is online

Users browsing this forum: No registered users and 0 guests

cron