Reputation: 920
base64_encode a random salt
I have a method which generates a random salt then I use sha1() on it. How safe would it be to use base64_encode() after I sha1() it? And when I say "safe" I mean, does it have any known collisions or problems with it? I want to use base64_encode() as a means to make it visually different from a sha1() hash but don't know if it makes a hash (in any way) weaker if I do that. Also, is there a better way do what I'm trying to accomplish while staying within PHP4 (yes, that's PHP 4).
A few things: I'm not interested in encryption or that base64_encode() can be decoded. I know it can be decoded.
Upvotes: 0
Views: 1596
Answers (2)
Reputation: 11552
Just use SHA-256 and call it a day.
SHA256 Secure Hash Algorithm for PHP 4+
http://www.nanolink.ca/pub/sha256/
No need for double encoding or encrypting.
Upvotes: 2
Reputation: 92752
Base64 is not a hashing algorithm (those are one-way, amongst other things), it's a reversible encoding algorithm - takes one form of input and transforms it into another form - the contents (and their cryptographical properties) remain the same.
This is similar to other reversible encodings - e.g. writing the hash of string backwards won't affect any of its other properties.
As you see, this won't make the contents any more safe, nor any less safe - it will simply present them differently.
TL;DR: It's pointless.
Upvotes: 2
Related Questions
- decode base64 encode string with salt
- PHP base64_encode returning incorrect results
- string base64_encode/decode fails?
- PHP Base64_decode
- base64_encode acts strange
- base64 encoding/decoding in php
- PHP base64_encode dont work correctly
- base64 encoded data mixed in with "random" hex
- How do I convert a base64 string?
- base64_encode weird behavior