Re: SHA1 Hashing on different machines
From: Chris Taylor (chris_taylor_za_at_hotmail.com)
Date: 01/01/05
- Next message: Sahil Malik: "Re: Fatal Execution Engine Error while creating a DataTable on a new Windows 2003 Server"
- Previous message: Chris Taylor: "Re: How does SmartClient retain session?"
- In reply to: johnrudy3_at_aol.com: "SHA1 Hashing on different machines"
- Next in thread: johnrudy3_at_aol.com: "Re: SHA1 Hashing on different machines"
- Reply: johnrudy3_at_aol.com: "Re: SHA1 Hashing on different machines"
- Messages sorted by: [ date ] [ thread ]
Date: Sat, 1 Jan 2005 18:27:11 +0200
Hi,
For a straight SHA1 hash, the hash value should be consistent on all
machines for a given set of data. However if you are salting the the input
data (ie. the password) with some machine specific salt this would cause a
problem. If you provided some code to show how you are performing the hash,
that might help to resolve your problem.
-- Chris Taylor http://dotnetjunkies.com/weblog/chris.taylor <johnrudy3@aol.com> wrote in message news:1104445346.861674.55660@z14g2000cwz.googlegroups.com... > Bit of an interesting problem I've encountered -- and one which I'm > sure is due to my own ignorance in the ways of cryptography. > > I have a fairly simple trouble ticket-tracking application I've just > rolled out from my dev machine to our test server here at work, so the > techies can start beating up on it. The logins use a one-way hash using > the SHA1 algorithm to store the passwords in the database. > > (Basic process: When creating a user, supply password, it gets hashed > and sent in. When user logs on, hash their entered password and compare > bytes against what's in DB.) > > This works GREAT on my system. But I performed a backup of the SQL > Server database for this app, restored the backup on our test server, > deployed the application, tied it to the server, and none of the logins > work now. > > The hashed password bytes are the same on test as on my machine. > > I am typing the passwords in correctly. (Figured I'd toss that out NOW > ... :D) > > The component that performs the hashing and comparisons is deployed to > both machines in the bin directory of the virtual directory. > > The component that performs the hashing and comparisons is the same > version on both machines. > > The web app components are the same versions on both machines. > > And, um, naturally I didn't build in any back doors. :) > > Are there any known issues with the hashing that might be > machine-specific? Any workarounds? Will I have to kick open a remote > debug session against the server to trace this ugliness? > > Any help would be appreciated. Thanks in advance, and happy new year! > John Rudy > johnrudy3@aol.com >
- Next message: Sahil Malik: "Re: Fatal Execution Engine Error while creating a DataTable on a new Windows 2003 Server"
- Previous message: Chris Taylor: "Re: How does SmartClient retain session?"
- In reply to: johnrudy3_at_aol.com: "SHA1 Hashing on different machines"
- Next in thread: johnrudy3_at_aol.com: "Re: SHA1 Hashing on different machines"
- Reply: johnrudy3_at_aol.com: "Re: SHA1 Hashing on different machines"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
