Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

Hi All, Just wondering if anyone is aware of a PERL module other than Digest::SHA1, the Perl interface to the SHA-1 Algorithm, which provides the same functionality(doesn't have to be the SHA-1 Algorithm) but provides a binary digest less than 20 bytes,ideally 10bytes!

Replies are listed 'Best First'.
Re: Alternative Perl encryption module
by valdez (Monsignor) on Mar 10, 2003 at 12:22 UTC

    This is not an answer, sorry. I searched CPAN and found many modules dealing with Digest; the most common ones (MD2, MD4, MD5, SHA-1) produce strings longer than 20 bytes... Here is the code I used to test it:

    #!/usr/bin/perl
use strict;
use Digest;

my $data = "message to be digested";

for ('MD2', 'MD4', 'MD5', 'SHA-1') {
  showme($_, Digest->new($_), $data);
}

exit;

sub showme {

  my ($mode, $digest, $data) = @_;

  $digest->add($data);
  print "Digest::$mode\n";
  print "binary (length): ", length($digest->digest), "\n";
  print "hex            : ", $digest->hexdigest, "\n";
  if ($digest->can('b64digest')) {
    print "base64         : ", $digest->b64digest, "\n";
  }
  print "\n";
}

__END__

# output
Digest::MD2
binary (length): 16
hex            : 8350e5a3e24c153df2275c9f80692773
base64         : g1Dlo+JMFT3yJ1yfgGkncw

Digest::MD4
binary (length): 16
hex            : 0962f09cec91822209796b504862847b

Digest::MD5
binary (length): 16
hex            : d41d8cd98f00b204e9800998ecf8427e
base64         : 1B2M2Y8AsgTpgAmY7PhCfg

Digest::SHA-1
binary (length): 20
hex            : da39a3ee5e6b4b0d3255bfef95601890afd80709
base64         : 2jmj7l5rSw0yVb/vlWAYkK/YBwk

    [download]

    Given these digest methods, only binary format seems suitable for your needs... does anybody know of other algorithms?

    Ciao, Valerio

[reply]
[d/l]

      Given these digest methods, only binary format seems suitable for your needs... does anybody know of other algorithms?

      Speaking about needs, why is it important that the digest be at most 10 bytest in length, anyway? I quite seriously don't think there is a widely-used, well-known digest function that uses only 10 bytes, especially since longer digest sizes are usually considered to be a good thing.

      Maybe the original author could provide some background on this.

      --
      mowgli

[reply]

        Without looking at the subject, I would assume that the author needs a hashing algorithm, but not for cryptographic purposes. In which case, a smaller hash is just fine as long as you know how to take care of collisions (the book "Intro to Algorithms" handles this by putting colliding data into a linked list which is walked through to find the specific entry you need).

        But since the subject specifies encryption, I would say the author needs to research more about cryptography.

        ----
        Reinvent a rounder wheel.

        Note: All code is untested, unless otherwise stated

[reply]
Re: Alternative Perl encryption module
by tachyon (Chancellor) on Mar 10, 2003 at 12:56 UTC

    10 bytes is 80 bits which is 2**80 units of complexity. Typically the minimum that most digests use is 128 bits to get enough entropy. A binary Digest::MD5 digest will be 16 bytes long. A hex digest will be 32 characters long. A base64 digest will be 22 characters long. Binary is of course the most efficient presentation.

    What is wrong with 16 bytes? You could always use substr {ducks for cover}

    tachyon

    s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print

[reply]
      What is wrong with 16 bytes? You could always use substr {ducks for cover}

      Why duck for cover? It's exactly what he should do. Digest::SHA1 is an excellent hashing algorithm that produces a 160 bit hash. If that's "too big" (for some curious reason) then take the first 10 bytes of an SHA1 hash; you'll have an excellent hashing algorithm that produces a 80 bit hash. The only downside is that the chance of colissions is much much higher.

      BTW, you may note I've changed the subject line since SHA1 is not an encryption module; and I might also add that if the author doesn't know the difference between encryption and hashing, he probably shouldn't be doing either but instead read up on cryptography.

      Using crypto the right way is hard, I can highly recommend you read some of Bruce Schneier's publications, such as Security Pitfalls in Cryptography and Why Cryptography is Harder than it Looks.

[reply]
        I am the original author-the reason I am looking for a smaller hash is that I am using it in connection with compression, so the smaller the better-as is clear I know very little about encryption but for my purpose I do not need to know the background theory-I think I'll go with the idea of using the first ten bytes of the SHA1 digest-Thanks for all the suggestions!!!-Val
[reply]

Back to Seekers of Perl Wisdom