Cryptography on Ticki's blog
http://ticki.github.io/tags/cryptography/
Recent content in Cryptography on Ticki's blogHugo -- gohugo.ioen-usFri, 12 May 2017 00:00:00 +0000You Are (Probably) Doing Login Systems Wrong
http://ticki.github.io/blog/you-are-probably-doing-login-systems-wrong/
Fri, 12 May 2017 00:00:00 +0000http://ticki.github.io/blog/you-are-probably-doing-login-systems-wrong/A thing, most programmers have tried at least once, is login systems. Despite being seemingly a simple task, it is in fact very hard to do right.
So, let's look into, how we can actually do this right.
Storing passwords Okay, this is common knowledge: Salt and hash your passwords.
However, it is often done wrong. You'll see code like:
hash(password + salt) This is better than unsalted, unhashed passwords, but it's far from bruteforce resistant.A general construction for rolling hash functions
http://ticki.github.io/blog/a-general-construction-for-rolling-hash-functions/
Thu, 02 Mar 2017 00:00:00 +0000http://ticki.github.io/blog/a-general-construction-for-rolling-hash-functions/What is a rolling hash function? A hash function is a function \(h : S^\times \to F\) with \(S, F\) being some finite sets.
A rolling hash function is really a set of functions \((h, u)\), where \(u\) allows retroactively updated a symbol
\[h(\ldots a \ldots) \mapsto h(\ldots a' \ldots)\]
To put it more formally, a rolling hash function has an associated function \(u : F \times S^2 \times \mathbb N \to F\), satisfying