@hackage / xsha1

cryptanalysis of Blizzard's broken SHA-1 implementation.

Latest0.0.0

About

Metadata

  • Last updated , by AlexKropivny
  • License MIT
  • Categories Cryptography

  • Maintained by: Alex Kropivny <alex.kropivny@gmail.com>

  • Lottery factor: 0

Links

Installation

Package Flags

Use the -f option with cabal commands to enable flags

    split-base (on by default)

Readme

Caution: XSHA1 is weak, and should not be used as a hash.

XSHA1 is used in password and CD key authentication in older Blizzard games (Starcraft, Diablo 2) among other things. The fact that it's cryptographically weak has been known for years: this is a public analysis of the weakness. The goal is to determine risk posed to users, and find safeguards if possible.

The code is geared for rapid interactive development with GHCI. Excuse the lax conventions.

Data.Digest.* implements and explores XSHA1, while Data.Codec.* contains applications.