xsha1: cryptanalysis of Blizzard's broken SHA-1 implementation.

[ cryptography, library, mit ] [ Propose Tags ] [ Report a vulnerability ]

Caution: XSHA1 is weak, and should not be used as a hash.

XSHA1 is used in password and CD key authentication in older Blizzard games (Starcraft, Diablo 2) among other things. The fact that it's cryptographically weak has been known for years: this is a public analysis of the weakness. The goal is to determine risk posed to users, and find safeguards if possible.

The code is geared for rapid interactive development with GHCI. Excuse the lax conventions.

Data.Digest.* implements and explores XSHA1, while Data.Codec.* contains applications.

Flags

Automatic Flags
NameDescriptionDefault
split-baseEnabled

Use -f <flag> to enable a flag, or -f -<flag> to disable that flag. More info

Downloads

Maintainer's Corner

Package maintainers

For package maintainers and hackage trustees

Candidates

  • No Candidates
Versions [RSS] 0.0.0
Dependencies base (>=4 && <5), HUnit, QuickCheck, uniplate, vector [details]
License MIT
Author Alex Kropivny <alex.kropivny@gmail.com>
Maintainer Alex Kropivny <alex.kropivny@gmail.com>
Category Cryptography
Uploaded by AlexKropivny at 2012-03-15T05:10:20Z
Distributions
Reverse Dependencies 1 direct, 0 indirect [details]
Downloads 1328 total (3 in the last 30 days)
Rating 2.0 (votes: 1) [estimated by Bayesian average]
Your Rating
  • λ
  • λ
  • λ
Status Docs uploaded by user
Build status unknown [no reports yet]