Reputation: 412
Attempting to Hash known data, but not allow user to recreate hash
I have a situation where my application creates a hash based on it's serial number(for example: A1C2-E3G-4I5K). The serial is known to the user. The hash will also be known to the user. What is the best strategy to hash the data while making it impossible/extremely difficult for the user to create the hash themselves?
I am using the hash as a way of showing that an action has taken place on the remote application.
I have thought about private Key encryption, but it could be possible for the user to get hold of the private key themselves.
Upvotes: 0
Views: 45
Answers (2)
Reputation: 1510
You could look into a Keyed-HMAC. Basicly you create a lets say SHA-256 hash on your value plus a secret key, only known to your application. With that assumption user will not be able to create valid hash for his own.
Upvotes: 1
Reputation: 575
You could try "salting" the serial number before hashing it http://en.wikipedia.org/wiki/Salt_%28cryptography%29
Upvotes: 0
Related Questions
- How to create a hash function to mask confidential informations?
- Creating a hash that is read-only outside of a module, but read/write inside
- Generate “hash” functions programmatically
- How to prevent mutable object usage in a hash structure?
- Is there a lightweight way to lock down a set of keys on a Hash?
- Storing manipulated hashes instead of the correct ones
- Generating a unique hash for a custom structure?
- Purposely create two files to have the same hash?
- Hash and encryption in combination: Preserve security