# CSE 130 Lecture Notes - Lecture 17: Cryptographic Hash Function, Short Circuit, Scrypt

23 views4 pages

9 Mar 2018

School

Department

Course

Professor

Back to Monads

Laws:

1. Return x >>= f = f x

2. m >>= return = m

3. m >>= (\x -> k x >>= h) = (m >>= K) >>= h

In do notation:

do x <- m do (m

do y <- K x = y <- K x

h y do h y

Theorem: putStr r >> putStr s = putStr (r ++ s)

Proof:

BC: r = []

ID:

Instance that’s NOT IO?

Instance Monday Maybe where

return :: a -> Maybe a

return x = Just x

(>>=) :: Maybe a -> (a -> Maybe b) -> Maybe b

act1 (>>=) K = case act1 of

Just x -> K x

_ -> Nothing

What’s wrong with saying that the password is incorrect? Well you just typed a garbage

password and exposed to whom the email belongs. And hackers can do stuff to them!

Solution: Hiding users!

function login(req) {

If (!isValid(req.user)) {

//reply “Sorry dunno” ← this doesn’t do any hashing!

} else {

const pH = findPass(req.user);

If (pH !== hash(req.pass)) {

//reply “sorry dunno” ← this takes time to hash!

} else {

// log you in

}}}

Is this right? HELL NO

Hasing Takes Time

What is a cryptographic hash function?

- “Pre-image” resistant: Given an output, cannot find an input s.t. hash(input) = output

- Second pre-image resistant: Given input1, can’t find input2 s.t. hash(input1) = hash(input2)