If you haven’t read Part 1please do so.Although the criticism of Part 2should be taken with a grain of XKCD Salt, and even the primary plaintiff admitted that it would take him 2 months to crack the final salted sha512. Usually your attacker shouldn’t have your shadow file, and having stored them as anything less is just plain not secure. I will acknowledge it has some merit.Doing a base64 transformation on hex only digits is a bad, idea, and does not have nearly enough possible combinations.

I’ve been working on Korama. I was originally planning on hashing each music file and using the sha1 for the track primary key. However, after benchmarking an actual implementation. I’ve decided that it’s too slow, 20 minutes for 3k+ tracks, also my program was about 5 minutes slower than find … -exec sha1sumnot sure on the reason why. However, since I had problems figuring out how to do it I figure I’ll post a basic sha1sum program that I made with the help of people on the Crypto++Mailing List.