OpenEuphoria

2. Re: SHA-1

• Posted by "Thomas Parslow (PatRat)" <tom at almostobsolete.net> Apr 22, 2002
• 400 views

> HI,

> I was reading through you source code and i read something about the 
> SHA-1 hashing algorithm. i have heard
> of this algorithm many times but have never bothered to know what it 
> does or what its needed for, until recently
> when i was reading the outlook express help file and it was mentioned 
> again.....So i'm a little curious since i'm copying 
> a few ideas off of outlook. Damn i wish i had resources in this place (I 
> don't have internet, and i'm doing 
> Internet programming)!!

> While at that i have failed to understand this digital signing and 
> sending of encrypted messages!!!
> Gat some time to answer my questions?

SHA-1 stands for Secure Hashing Algorithm 1 (it's a different
algorithm from SHA). You give it any amount of data and it returns a
hash of that data, it is very very hard to get the original document
from the hash but easy to get a hash from an original.

One possible use is password storage, when passwords are stored on a
UNIX system usually on a hash of the password is actually stored. When
the user enters there password a hash is generated and compared
against the stored hash. Then if the password file falls into the
wrong hands it is impossible to find out what users passwords are (it
is still possible to do a dictionary or brute force attack where lots
of passwords are tried in an attempt to find one that produces the
correct hash).

Another use is digital signing of messages, it's easier to just sign a
hash of the message rather than the whole message.

For an implementation of sha-1 (written by Davi Figueiredo) in Euphoria see:

http://www.brasil.terravista.pt/Jenipabu/2571/e_eu.htm

Thomas Parslow (PatRat)
E-Mail/Jabber: tom at almostobsolete.net
ICQ: 26359483