Long time reader, first time poster. And I start with quite a cryptic one!
What I'm seeking to do is encrypt a string with the SHA-256 algorithm, and hash it with a key.
I discovered someone had done some excellent work in creating an algorithm for "normal" SHA-2 encryption as a stored function at: http://blog.darkrainfall.org/sha-256-in-mysql/ which will probably be of help to others, but I need to be able to do it with a key.
Anyone know if this is possible? I'm a complete newbie to encryption, I'm afraid.
I'm using MySQL 5.1 on Windows 2003 Server.
Cheers.
CREATE USER 'sha256user'@'localhost' IDENTIFIED WITH sha256_password BY 'password';
The server assigns the sha256_password plugin to the account and uses it to encrypt the password using SHA-256, storing those values in the plugin and authentication_string columns of the mysql.user system table.
A: HMAC (Hashed Message Authentication Code) uses SHA-1 internally. The difference is that a MAC uses a secret key.
HMAC-SHA256 is extremely safe. In the question's use, the key is large (48 characters, likely >160 bits of entropy). From a theoretical standpoint, everything checks. HMAC is demonstrably resistant (to 128-bit level) even if an adversary can obtain the MAC of chosen messages, under weak hypothesis for SHA-256 (see M.
Answer: SHA-2 is a family of hashing algorithms to replace the SHA-1 algorithm. SHA-2 features a higher level of security than its predecessor. It was designed through The National Institute of Standards and Technology (NIST) and the National Security Agency (NSA).
It is a little unclear what your end goal is, but the SHA implementation you referenced should be able to do the hashing you desired. One meaning of "hashing something with a key" for message authentication might be that you take a secret key and prepend it to data and then hash the entire result. The ever-useful Wikipedia has some information on HMAC.
Note that hashing is not encryption. The question seems to imply that hashing something is the same as encrypting it. A hash, though, takes some data and runs it through a data blender and produces a (typically) fixed length chunk of data. With a cryptographically strong hash function, it is supposed to be impossible (from a practical standpoint) to find an input that results in a given hash value. Encryption, on the other hand, takes a key and a chunk of data and runs it through a data blender and produces a chunk of data that can then be "unblended" in conjunction with the original key to produce the original data.
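As an added illustration of the HMAC construction mentioned in the answer above (Python, not code from the original thread or from the linked MySQL function), this builds HMAC-SHA256 from plain SHA-256 as RFC 2104 defines it and checks it against the standard library. The key, messages and helper names are constructed for the example; the key-prefix hash is included only to show that it is a different function, and it is not a substitute for HMAC because SHA-256 permits length extension.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # SHA-256 processes input in 64-byte blocks


def hmac_sha256(key: bytes, msg: bytes) -> bytes:
    """HMAC-SHA256 per RFC 2104, built only from plain SHA-256."""
    if len(key) > BLOCK_SIZE:
        # Keys longer than one block are hashed down first.
        key = hashlib.sha256(key).digest()
    key = key.ljust(BLOCK_SIZE, b"\x00")   # then zero-padded to a full block
    ipad = bytes(b ^ 0x36 for b in key)    # inner pad
    opad = bytes(b ^ 0x5C for b in key)    # outer pad
    inner = hashlib.sha256(ipad + msg).digest()
    return hashlib.sha256(opad + inner).digest()


def prepend_hash(key: bytes, msg: bytes) -> bytes:
    """SHA-256(key || msg): the 'prepend the key' reading, for contrast only."""
    return hashlib.sha256(key + msg).digest()


def matches_stdlib(key: bytes, msg: bytes) -> bool:
    """Cross-check the manual construction against Python's hmac module."""
    return hmac_sha256(key, msg) == hmac.new(key, msg, hashlib.sha256).digest()


def verify_tag(key: bytes, msg: bytes, tag: bytes) -> bool:
    """Recompute the tag and compare in constant time."""
    return hmac.compare_digest(hmac_sha256(key, msg), tag)


if __name__ == "__main__":
    key = b"constructed-demo-key"        # constructed sample key
    msg = b"order=42&amount=10.00"       # constructed sample message
    tag = hmac_sha256(key, msg)
    print("tag:", tag.hex())
    print("matches stdlib:", matches_stdlib(key, msg))
    print("original verifies:", verify_tag(key, msg, tag))
    print("altered verifies:", verify_tag(key, b"order=42&amount=99.00", tag))
    print("differs from key-prefix hash:", prepend_hash(key, msg) != tag)
```

The tag is a one-way authenticator, not ciphertext: the message cannot be recovered from it, which is the hashing-versus-encryption distinction the answer draws.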