Hash function

--00151747360aa331b30477ee3566
Content-Type: text/plain; charset=ISO-8859-1

hi friends
I need a hash function to build a Unique serial number by mixing a request
code and a user name
request codes are strings like this: They are literally HEX codes of MAC mac
addresses.
"002314EFD000544AB05345300045675609782123C3254B312123D12312E E13123F123D123123E00000000E00000000E0000000E0000000E0000000E 00000000E00000000"
i want to create a function that mix together this request code with user
name that user entered and create new serial number.
What implications i have to satisfy to create such hash function in php?
Thanks for any suggestion

--00151747360aa331b30477ee3566--

Re: Hash function

Ali Asghar Toraby Parizy wrote:
> hi friends
> I need a hash function to build a Unique serial number by mixing a request
> code and a user name
> request codes are strings like this: They are literally HEX codes of MAC mac
> addresses.
> "002314EFD000544AB05345300045675609782123C3254B312123D12312E E13123F123D123123E00000000E00000000E0000000E0000000E0000000E 00000000E00000000"
> i want to create a function that mix together this request code with user
> name that user entered and create new serial number.
> What implications i have to satisfy to create such hash function in php?
> Thanks for any suggestion

How about using sha1 to hash your string. If the data is unique then the
hash will be unique as well.

$string = $request_code.$user_name;
$hash = sha1($string);

--
John
Jeder hat soviel Recht, wie er Macht hat.
[Spinoza]


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Hash function

--=-dRMeJ+WZ9C5w5+vorsW6
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

On Mon, 2009-11-09 at 12:39 +0100, John Black wrote:

> Ali Asghar Toraby Parizy wrote:
> > hi friends
> > I need a hash function to build a Unique serial number by mixing a request
> > code and a user name
> > request codes are strings like this: They are literally HEX codes of MAC mac
> > addresses.
> > "002314EFD000544AB05345300045675609782123C3254B312123D12312E E13123F123D123123E00000000E00000000E0000000E0000000E0000000E 00000000E00000000"
> > i want to create a function that mix together this request code with user
> > name that user entered and create new serial number.
> > What implications i have to satisfy to create such hash function in php?
> > Thanks for any suggestion
>
> How about using sha1 to hash your string. If the data is unique then the
> hash will be unique as well.
>
> $string = $request_code.$user_name;
> $hash = sha1($string);
>
> --
> John
> Jeder hat soviel Recht, wie er Macht hat.
> [Spinoza]
>
>


I'm not sure you can guarantee uniqueness, but you can say with a high
degree of certainty that it's extremely unlikely to not be unique!

Thanks,
Ash
http://www.ashleysheridan.co.uk



--=-dRMeJ+WZ9C5w5+vorsW6--

Re: Hash function

--001517475f1cf676d30477ef0314
Content-Type: text/plain; charset=ISO-8859-1

Ok, thanks
but how can i create serial number that nobody can guess it. for example
when i use sha1() every body can examine it too! and so they can create it
themselves!
what strategy is useful to protect license?
I think it is better to add a specific hidden string to request code,
instead of user name that is known for a probable jobber user.
what do you think about it?

On Mon, Nov 9, 2009 at 3:09 PM, John Black wrote:

> Ali Asghar Toraby Parizy wrote:
>
>> hi friends
>> I need a hash function to build a Unique serial number by mixing a request
>> code and a user name
>> request codes are strings like this: They are literally HEX codes of MAC
>> mac
>> addresses.
>>
>> "002314EFD000544AB05345300045675609782123C3254B312123D12312E E13123F123D123123E00000000E00000000E0000000E0000000E0000000E 00000000E00000000"
>> i want to create a function that mix together this request code with user
>> name that user entered and create new serial number.
>> What implications i have to satisfy to create such hash function in php?
>> Thanks for any suggestion
>>
>
> How about using sha1 to hash your string. If the data is unique then the
> hash will be unique as well.
>
> $string = $request_code.$user_name;
> $hash = sha1($string);
>
> --
> John
> Jeder hat soviel Recht, wie er Macht hat.
> [Spinoza]
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

--001517475f1cf676d30477ef0314--

Re: Hash function

--=-miN4/hfqzGI38ZGsjWeF
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

On Mon, 2009-11-09 at 15:35 +0330, Ali Asghar Toraby Parizy wrote:

> Ok, thanks
> but how can i create serial number that nobody can guess it. for example
> when i use sha1() every body can examine it too! and so they can create it
> themselves!
> what strategy is useful to protect license?
> I think it is better to add a specific hidden string to request code,
> instead of user name that is known for a probable jobber user.
> what do you think about it?
>
> On Mon, Nov 9, 2009 at 3:09 PM, John Black wrote:
>
> > Ali Asghar Toraby Parizy wrote:
> >
> >> hi friends
> >> I need a hash function to build a Unique serial number by mixing a request
> >> code and a user name
> >> request codes are strings like this: They are literally HEX codes of MAC
> >> mac
> >> addresses.
> >>
> >> "002314EFD000544AB05345300045675609782123C3254B312123D12312E E13123F123D123123E00000000E00000000E0000000E0000000E0000000E 00000000E00000000"
> >> i want to create a function that mix together this request code with user
> >> name that user entered and create new serial number.
> >> What implications i have to satisfy to create such hash function in php?
> >> Thanks for any suggestion
> >>
> >
> > How about using sha1 to hash your string. If the data is unique then the
> > hash will be unique as well.
> >
> > $string = $request_code.$user_name;
> > $hash = sha1($string);
> >
> > --
> > John
> > Jeder hat soviel Recht, wie er Macht hat.
> > [Spinoza]
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
> >


The crypt() function in PHP offers a one-way encryption, so
theoretically, it would be too difficult to work out backwards (not
impossible, but would need a fair bit of computing power to figure it
out!)

Thanks,
Ash
http://www.ashleysheridan.co.uk



--=-miN4/hfqzGI38ZGsjWeF--

Re: Hash function

Ali Asghar Toraby Parizy wrote:
> Ok, thanks
> but how can i create serial number that nobody can guess it. for example
> when i use sha1() every body can examine it too! and so they can create it
> themselves!
> what strategy is useful to protect license?

Ahh, so you are trying to protect your PHP code with a license key?

If so, then here are my thoughts on it.
- Don't bother encrypting the license key too much. Your code will be
available as source code so it will be possible to circumvent any
protection/limitation.
- Even file validation like creating md5suma of files is nothing but
headache because some FTP servers and clients will modify the source by
adjusting the end of line characters (binary upload prevents this).
- I have noticed that most customers will not mess with the scripts
since they want support from you. Remove all comments from the source
and the end of line characters to prevent the hobby tinkerer from
causing problems.
- The problem with people messing with the code is that they usually
don't start a support request with "I changed something and now feature
X does not work..." but rather with "All the sudden feature X stopped
working....".
- People who have the goal to circumvent your license code will do so
regardless of protection and will see sophisticated protection as a
challenge. So I don't bother with encryption of the information since
implementing something secure will usually mean that it will get in the
way of honest customers. Look at computer games, it is a prime example
of copy protection interfering with honest customers by causing problems.

All I do is generate a license code which contains a string (name or
customer id) and configuration values. The license code can be decoded
via a function and validated.
So I turn the string
AsgharToraby100C into this=> 0B50B-50B54-MSDD2-OMPDD-OMI33
Here 100C is the license value, the customer has a 100 client access
license. The key has built in , very basic, validation bits to validate
the key as a whole.
The script can decode the license key via a function to retrieve the max
authenticated user (100) before allowing new logins.
The string part can be decoded as well but capitalization is lost.


Here are a few license code functions I wrote many years ago. Maybe
something like this will work/is what you are looking for.

.... well actually ... I just looked at the code, I wrote it about 6
years, and I am bit embarrassed of how I handled a few things :)
But the code is solid, it has been in use since then and I have not
noticed any problems :)

So let me know if this sounds like something you are looking for and
would like to see and I will cleanup the code for you.


--
John
Intelligent Life
http://xkcd.com/638/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Hash function

At 2:38 PM +0330 11/9/09, Ali Asghar Toraby Parizy wrote:
>hi friends
>I need a hash function to build a Unique serial number ...

Try:

http://php.net/manual/en/function.dbplus-getunique.php

But use at your own risk.

If you want a unique number try using a time stamp (i.e., time() ) in
concert with a database.

For example, grab a time, look for it in a database, if it's not
there then use it. If it is there then repeat until you have that
isn't. That way it's a unique number guaranteed.

Cheers,

tedd

--
-------
http://sperling.com http://ancientstones.com http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Hash function

>At 2:38 PM +0330 11/9/09, Ali Asghar Toraby Parizy wrote:
>>hi friends
>>I need a hash function to build a Unique serial number ...
>
>Try:
>
>http://php.net/manual/en/function.dbplus-getunique.php
>
>But use at your own risk.
>
>If you want a unique number try using a time stamp (i.e., time() )
>in concert with a database.
>
>For example, grab a time, look for it in a database, if it's not
>there then use it. If it is there then repeat until you have that
>isn't. That way it's a unique number guaranteed.
>
>Cheers,
>
>tedd

Addition to that.

When you find an unique number, use it AND store that in the database.

Cheers,

tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Hash function

Hope this is what your looking for...

/**
* This is a part of the SN1000 System
*
* @author Hans Åhlin
* @copyright (C)2009 Hans Åhlin
* @owner Hans Åhlin
* @version 1.000.000
* @contact info@sn1000.com
*
* Copyrighted by the owner of SN1000
* ALL COPYING, PUBLISHING AND EDITING WITH OUT THE
* COPYRIGHT HOLDERS WRITTEN PERMISSION IS FORBIDDEN,
* THIS INCLUDES THE CODE, TEXT, GRAPHICS AND SOUNDS.
* For more information and/or questions please
* contact us at info@sn1000.com Including the
* concerning page file name and dns address
*/=09

if(__DEBUG__ == 1){
=09
$TestPW =3D 'This is the test password!!!';
=09
echo "\n*****************************************\n";
echo "** PASSWORD HASH FUNCTION\n";
echo "** snlib_hash_password()\n";
echo "*****************************************\n";
echo "The test password: $TestPW";
echo "\n";
echo snlib_hash_password($TestPW);
echo "\n*****************************************\n";
}

/**
* This function salts and scrambles the password for higher security
*
* @version 1.000.000
* @param $Password
* @return SHA1
*/
function snlib_hash_password($Password){
=09
$PWLength =3D strlen($Password);
=09
if(__DEBUG__ == 1){
=09
echo 'The length of the test password: ';
echo $PWLength;
echo "\n";
}
=09
$ScrambledPW =3D "";
$i =3D 0;
=09
while($PWLength !=3D 0){
=09
$PWLength--;
=09
$ScrambledPW .=3D $PWLength . $Password[$PWLength] . $Password[$i] . $i;
=09
$i++;
=09
}
=09
if(__DEBUG__ == 1){
=09
echo 'The scrambled test password: ';
echo $ScrambledPW;
echo "\n";
}
=09
$PasswordHASH =3D sha1($ScrambledPW);
=09
return $PasswordHASH;
}
?>

For legal purposes i her grant you all to use this file fore any
purpose, and for the same reason i can not take away the copyright
notice...

2009/11/9 Ali Asghar Toraby Parizy :
> hi friends
> I need a hash function to build a Unique serial number by mixing a reques=
t
> code and a user name
> request codes are strings like this: They are literally HEX codes of MAC =
mac
> addresses.
> "002314EFD000544AB05345300045675609782123C3254B312123D12312E E13123F123D12=
3123E00000000E00000000E0000000E0000000E0000000E00000000E0000 0000"
> i want to create a function that mix together this request code with user
> name that user entered and create new serial number.
> What implications i have to satisfy to create such hash function in php?
> Thanks for any suggestion
>



--=20
MvH / Hans Åhlin
Tel: +46761488019
http//www.kronan-net.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php