CSE 130 Lecture Notes - Lecture 17: Cryptographic Hash Function, Short Circuit, Scrypt
23 views4 pages
9 Mar 2018
School
Department
Course
Professor
Back to Monads
Laws:
1. Return x >>= f = f x
2. m >>= return = m
3. m >>= (\x -> k x >>= h) = (m >>= K) >>= h
In do notation:
do x <- m do (m
do y <- K x = y <- K x
h y do h y
Theorem: putStr r >> putStr s = putStr (r ++ s)
Proof:
BC: r = []
ID:
Instance that’s NOT IO?
Instance Monday Maybe where
return :: a -> Maybe a
return x = Just x
(>>=) :: Maybe a -> (a -> Maybe b) -> Maybe b
act1 (>>=) K = case act1 of
Just x -> K x
_ -> Nothing
What’s wrong with saying that the password is incorrect? Well you just typed a garbage
password and exposed to whom the email belongs. And hackers can do stuff to them!
Solution: Hiding users!
function login(req) {
If (!isValid(req.user)) {
//reply “Sorry dunno” ← this doesn’t do any hashing!
} else {
const pH = findPass(req.user);
If (pH !== hash(req.pass)) {
//reply “sorry dunno” ← this takes time to hash!
} else {
// log you in
}}}
Is this right? HELL NO
Hasing Takes Time
What is a cryptographic hash function?
- “Pre-image” resistant: Given an output, cannot find an input s.t. hash(input) = output
- Second pre-image resistant: Given input1, can’t find input2 s.t. hash(input1) = hash(input2)