Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Does SHA256 favor integers?

While coding earlier I noticed something strange about SHA256, in that it seems to generate more integers than letters for the hash. At first I thought I was just imagining it, so I put together a quick test to make sure. Astonishingly, my test seems to prove that SHA256 favors integer values in the hash that it generates. I want to know why this is. Shouldn't the difference between a hash index being a letter and a number be the exact same? Here is my testing example:

namespace TestingApp
{
    static class Program
    {
        private static string letters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890";
        private static char[] characters = letters.ToCharArray();
        private static Random _rng = new Random();

        static void Main(string[] args)
        {
            int totalIntegers = 0;
            int totalLetters = 0;
            for (int testingIntervals = 0; testingIntervals < 3000; testingIntervals++)
            {
                string randomString = NextString(10);
                string checksum = DreamforceChecksum.GenerateSHA256(randomString);
                int integerCount = checksum.Count(Char.IsDigit);
                int letterCount = checksum.Count(Char.IsLetter);
                Console.WriteLine("String: " + randomString);
                Console.WriteLine("Checksum: " + checksum);
                Console.WriteLine("Integers: " + integerCount);
                Console.WriteLine("Letters: " + letterCount);
                totalIntegers += integerCount;
                totalLetters += letterCount;
            }
            Console.WriteLine("Total Integers: " + totalIntegers);
            Console.WriteLine("Total Letters: " + totalLetters);
            Console.Read();
        }

        private static string NextString(int length)
        {
            StringBuilder builder = new StringBuilder();
            for (int i = 0; i < length; i++)
            {
                builder.Append(characters[_rng.Next(characters.Length)]);
            }
            return builder.ToString();
        }
    }
}

and my checksum/hashing class:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;

namespace DreamforceFramework.Framework.Cryptography
{
    public static class DreamforceChecksum
    {
        private static readonly SHA256Managed _shaManagedInstance = new SHA256Managed();
        private static readonly StringBuilder _checksumBuilder = new StringBuilder();
        public static string GenerateSHA256(string text)
        {
            byte[] bytes = Encoding.UTF8.GetBytes(text);
            byte[] hash = _shaManagedInstance.ComputeHash(bytes);
            _checksumBuilder.Clear();
            for (int index = 0; index < hash.Length; index++)
            {
                _checksumBuilder.Append(hash[index].ToString("x2"));
            }
            return _checksumBuilder.ToString();
        }

        public static byte[] GenerateSHA256Bytes(string text)
        {
            byte[] bytes = Encoding.UTF8.GetBytes(text);
            byte[] hash = _shaManagedInstance.ComputeHash(bytes);
            _checksumBuilder.Clear();
            for (int index = 0; index < hash.Length; index++)
            {
                _checksumBuilder.Append(hash[index].ToString("x2"));
            }
            return Encoding.UTF8.GetBytes(_checksumBuilder.ToString());
        }

        public static bool ValidateDataIntegrity(string data, string targetHashcode)
        {
            return GenerateSHA256(data).Equals(targetHashcode);
        }
    }
}

I have ran my test multiple times, and every time it seems that more integers are generated within the hash than letters. Here are 3 test runs:

enter image description here

enter image description here

enter image description here

Does anyone know why SHA256 seems to favor numbers instead of an equal distribution of both letters and numbers?

like image 884
Krythic Avatar asked Sep 27 '15 15:09

Krythic


People also ask

What are the advantages and disadvantages of SHA256 hash method?

The chief advantage that SHA-256 has over Scrypt is that it is far more efficient. The chief disadvantage that SHA-256 compared to Scrypt is that it is far more efficient.

What is SHA256 hash used for?

SHA-256 is used in some of the most popular authentication and encryption protocols, including SSL, TLS, IPsec, SSH, and PGP. In Unix and Linux, SHA-256 is used for secure password hashing. Cryptocurrencies such as Bitcoin use SHA-256 for verifying transactions.

What is difference between SHA1 and SHA256?

The basic difference between SHA1 vs. SHA256 or SHA1 vs SHA2 is the length of the key used to encrypt the data transferred online. SHA1 uses 160 bit long key to encrypt data while SHA256 uses 256 bit long key to encrypt data.


2 Answers

Given that there are 10 digits and 6 letters possible, the proportion should be roughly 10:6. That's right in line with your results.

like image 197
David Eisenstat Avatar answered Oct 20 '22 00:10

David Eisenstat


The output is hexadecimal. 0-9 and a-f

like image 30
Mark Lakata Avatar answered Oct 20 '22 01:10

Mark Lakata