I am trying to encrypt the contents of an EPC Gen 2 RFID tag, but most of the common hashing functions take up significantly more space than I have available (96 bits in data bank). Is there an existing library or a good way to map to this space?
Asked
Active
Viewed 3,809 times
4
-
1Make sure you understand the security implications of what you're wanting before you go down this path. – Reid Oct 12 '14 at 22:19
-
Do you want to encrypt or do you want to hash? As Reid is trying to suggest, 96 bit is rather short for a secure hash. – Maarten Bodewes Oct 12 '14 at 23:21
-
Also note that hashing != encryption. – Maarten Bodewes Oct 13 '14 at 13:16
1 Answers
5
You can pick any hash algorithm with an output of greater than 96 bits, and use just 96 bits of the result. Just be sure you're consistent and, say, always take the least signficiant 96 bits.
Greg Hewgill
- 951,095
- 183
- 1,149
- 1,285
-
The common method in cryptography is to take the leftmost bits, which would be the "most significant" bits when considering big endian numbers (which is used as common endianness most of the time). Of course, with a hash not usually being a number, talking about taking the least significant is moot. – Maarten Bodewes Oct 12 '14 at 23:24
-
1Indeed, I could have said "leftmost" or "rightmost", but consistency is the point there. Any reasonable hash algorithm has uniform entropy in all bits of its output. – Greg Hewgill Oct 12 '14 at 23:26
-
That's true, but every hash function and every MAC and every KDF I know uses the leftmost bytes, so I would strongly recommend keeping to that ad-hoc standard. – Maarten Bodewes Oct 12 '14 at 23:28
-
@owlstead Well there is HOTP/TOTP which uses a random position. Some people like unnecessary complexity... – CodesInChaos Oct 13 '14 at 10:30
-
@CodesInChaos Sheesh. How to show you don't understand cryptography. I'm in a constant fight against complexity in protocols, I think your example helps to show that you *should* keep to standards, even ad-hoc ones. – Maarten Bodewes Oct 13 '14 at 13:33