Use a combination of SHA1+MD5 -

-

i'm trying use secure way create checksum files (larger 10gb !).

sha256 secure enough me algorithm process expensive , not suitable. know both sha1 , md5 checksums insecure through collisions.

so think fastest , safest way combining md5 sha1 : sha1+md5 , don't think there way file (collision) same md5 , sha1 both @ same time .

so combining sha1+md5 secure enough file checksum? or there attack collision ?

i use c# mono in 2 way (bufferstream , without bufferedstream)

    public static string getchecksum(string file)     {         using (filestream stream = file.openread(file))         {             var sha = new sha256managed();             byte[] checksum = sha.computehash(stream);             return bitconverter.tostring(checksum).replace("-", string.empty);         }     }      public static string getchecksumbuffered(stream stream)     {         using (var bufferedstream = new bufferedstream(stream, 1024 * 32))         {             var sha = new sha256managed();             byte[] checksum = sha.computehash(bufferedstream);             return bitconverter.tostring(checksum).replace("-", string.empty);         }     }

update 1: mean sha1 hash + md5 hash. first calculate sha1 of file calculate md5 of file add 2 sting together.

update 2 :

as @zaph mentioned implement code(c# mono) again according read here doesn't make code fast said ! makes speed 4.6 gb file (approximate) 12mins 8.~ mins sha1+md5 takes me less 100 secs file. still think isn't right use sha256 instead.

there should small difference between sha-256 , combination of md5+sha1.

the way know benchmark:

on desk top:
sha-256: 200 mb/s
md5: 470 mb/s
sha1: 500 mb/s (updated, incorrect)
md5+sha1 240 mb/s

these times hashing, disk read time not included. tests done 1mb buffer , averaged on 10 runs. language "c" , library used apple's common crypto. cpu 2.8 ghz quad-core intel xeon (2010 macpro, laptop faster).

in end 23% faster use combined md5+sha1.

note: intel processors have instruction can used make crypto operations faster. not implementations utilize these instructions.

youmight try native implementations such sha256sum.


Comments

Post a Comment

Popular posts from this blog

java - Suppress Jboss version details from HTTP error response -

-
my jboss verson jboss eap 6.3 when kind of error response sent jboss, adds server information response. following sample row response: http/1.1 400 bad request server: apache-coyote/1.1 content-type: text/html;charset=utf-8 content-length: 2391 date: tue, 19 jul 2016 09:30:46 gmt connection: close jboss web/7.4.8.final-redhat-4 - jbweb000064: error report jbweb000065: http status 400 - org.codehaus.jackson.map.jsonmappingexception: can not construct instance of mybean.type string value 'xyz': value not 1 of declared enum instance names @ [source: org.jboss.resteasy.core.interception.messagebodyreadercontextimpl$inputstreamwrapper@5e421c2b; line: 14, column: 26] (through reference chain: requestargs["request"]) jbweb000309: type jbweb000067: status report jbweb000068: message org.codehaus.jackson.map.jsonmappingexception: can not construct instance of mybean.type string value 'xyz': value not 1 of declared enum instance names @ [source: org.jboss...
Read more

gridview - Yii2 DataPorivider $totalSum for a column -

-
i have order , ordersearch models. in order list (actionindex) gridview there filtering , sorting. on of columns in order order_total (sum of products in order). i need implement sum of order_total in gridview. if manually counting activedataprovider->getmodels() array_map spend 3 seconds 3000 orders (localhost). don't want miss time. i see 2 ways make faster: create cache every filter , update lifetime (horrible) the interesting can right in ordersearch->search() method $query method. don't understand how can pass in controller. example of code 2nd way: class ordersearch extends order { public $totalsum; public function search($params) { $query = order::find(); $dataprovider = new activedataprovider([ 'query' => $query, ]); $this->load($params); $this->totalsum = $query->sum('order_total'); // works fast return $dataprovider; } } after i...
Read more

Sass watch command compiles .scss files before full sftp upload -

-
i use winscp download , edit .scss files , sass on linux (on server) compile them .css . after saving file, use: sass scss/style.scss css/style.css , replaces css file compiled sccs. the problem i want skip part return command line after editing scss file, sake of automation , saving time. but, if use watch command: sass --watch scss/style.scss:css/style.css synchronize 2 files, alerts nonexistent css errors pop up: change detected to: scss/style.scss error scss/style.scss (line 232: invalid css after "...ht: bold; line-": expected "{", "") note that when file uploads quicker usual (sometimes happens) watch command job, no errors. this because, when file upload takes time, sass compiles scss file (on server) before uploaded remote folder. thus, compiles part of file, resulting in css errors. is there way set timer watch command waits few seconds after detects changes , before compiling? any other way overcome is, of course, ...
Read more