Best encryption algorithm in VC:MP?

Started by PunkNoodle, Feb 03, 2017, 11:23 AM

Previous topic - Next topic

What's the best algorithm?

MD5
SHA1
SHA224
SHA256
SHA384
SHA512
RIPEMD128
RIPEMD160
RIPEMD256
RIPEMD320
WHIRLPOOL

PunkNoodle

Among the availables ones in VC:MP, what are the best encryption algorithms and why? Let alone the salt, topic is purely about how strong those algorithm are.


Throw in your opinion folks!

vito

I think md5+salt is enough for gaming server.
If you need facts "how strong those algorithm are" google it. All is documented already.

PunkNoodle

That's not what I meant, it's not about facts but opinions, I already know I can google that.

DizzasTeR

Best encryption?

SHA256( WHIRLPOOL( SHA512( MD5( RIPEMD320( base64_encode( "Your Password" ) ) ) ) ) );


jWeb

MD5 and SHA1 are known to be weak and deprecated when it comes to passwords. If you use those then you might as well not use any encryption at all.

However, when it comes to VCMP, you can literally use any hashing method. I seriously doubt anyone here will be able to reverse even the weakest of them.

Yes, if you were a multi-billion $ company where clients could loose huge amounts of money if your database was compromised then you might have something to worry. But VCMP? Come on people. Get real.

Jekko

I guess Whirlpool is the most secure and it's functioning is fast that's why I prefer it and it is also used in SA-MP.

PunkNoodle

Quote from: happymint on Dec 09, 2016, 11:59 PMnot sure how you people managed to do it but you just summarized this community in one topic with a few posts
With the exception of Jekko that managed to give a non off topic opinion. Next time try to actually read the topic before replying, also you might wanna google the word "debate".

Thijn

Quote from: ...happymint_ on Feb 03, 2017, 12:19 PMThat's not what I meant, it's not about facts but opinions, I already know I can google that.
How can picking the best algorithm not be about facts?

PunkNoodle

You're right, what I'm trying to say is that I'm tired of these responses like "use Google", I already know that, I got common sense, at least I think so. Pretty much all the topics here become a cradle for people to bash at others without necessarily insulting. I can see the culprit in someone who indeed has a deep knowledge but a crappy behaviour, I can accept it to some degree. Now what bothers me is that here people started following this line of thinking because it's "cool" yet lacking the same capabilities of "the culprit", so every topic becomes automatically spam, where a solution must be found as soon as possible and lock the topic. I can't agree with that, a forum isn't a support center, except the related board of course, a forum is a place for debating and to exchange opinions in a polite way, it doesn't matter if a topic becomes large as long as there are valuables responses. Anyone is welcomed to bring facts here of course. I was trying to avoid those kind of responses due to several reasons, i.e. maybe I already used Google and didn't find a decent response, maybe I didn't use Google at all or maybe I even found a decent response but all I wanted was to have a relaxed debate about it from a VC:MP community point of view. I invite all to be more relaxed and keep enjoying discussing in a respectful way. Hope my post clarified my previous statement. Peace :)

jWeb

#10
Honestly, the strength of the password doesn't come just from the hashing algorithm. But also from salting the passwords to make sure passwords like '123456' don't get cracked easily by rainbow tables. And if that doesn't work, then enforcing users to use passwords of a minimum length of characters (6 is very common) and thoroughly inspecting the passwords to make sure they include digits as well as letters (preferably both upper and lower case) and possibly other symbols and also doesn't resemble the user name too much.

If you rely on the hashing algorithm to do all the job then that might turn out to be your Achilles heel. Because even the weakest hashing algorithm can be stronger than the strongest one if used poorly.

It all depends on how clever you get with increasing the passwords strength.

Which is why people here took this as a joke. Because you took it as a joke. Since your question was what is the best algorithm to protect passwords instead of what is the best method to protect passwords. There's a difference, you know.

PunkNoodle

You know why I didn't ask that? Because I already got a reply for that, that is this topic: http://forum.vc-mp.org/?topic=1382.0

I never said I was gonna use an algorithm without salt, that topic already exhausted that matter, at least for me. Now putting salt and all the rest apart, I wanted to open a thread purely on the choice of the best algorithm, doesn't matter if as some of you say MD5 is enough for VC:MP, which is probably true, but still that's not my question, my question is: What's the strongest algorithm between those available in VC:MP, not what's the best algorithm for VC:MP. There is a subtle difference there too.

jWeb

#12
Quote from: ...happymint_ on Feb 05, 2017, 06:43 PM...What's the strongest algorithm between those available in VC:MP, not what's the best algorithm for VC:MP. There is a subtle difference there too.

So let me get this straight. You're not looking for the best algorithm for VC:MP but the strongest one? In what f*ing world are you making any sense?

I've spent the last couple of minutes trying to contemplate the meaning behind that and I still haven't put it together. Can someone please help me understand what dafuq does that mean?

These hashing algorithms are among the most popular ones. And every f*ing information, comparison, review, technical specification, benchmark etc. you can possibly find is already out there on the internet.

Comparison of cryptographic hash functions
Crypto++ 5.6.0 Benchmarks
Study and Comparative Analysis of Different Hash Algorithm
The Definitive Guide to Cryptographic Hash Functions (Part 1)
Speed Hashing

And every f*ing other link I can possibly include here. Just how different do you think is VC:MP from the rest of the world? What makes VC:MP hashing so f*ing special to you? Just what more can we add to the plethora of information out there?

I really apologize for snapping like that but someone had to slap the sh!t out of you and wake you to reality.

PunkNoodle

First I thank you for sharing those links that I'll review carefully in a moment. Second I used "best" and "strongest" as synonyms in this case since I assumed it is the same thing, alright I didn't take into account performance but whatever, I didn't expect someone to take all my words literally there, my bad. Third I find you to be a bit dense here, it's not the first time somebody asks "a" and you reply to "b". I'm asking what's the best algorithm between those available in VC:MP, the ones in the poll and image, not the best algorithm out there, since somebody could come up with one that isn't included in the hashing plugin, was it really that hard to understand? I might as well think that I could explain better of course but the thing is I noticed you go off topic pretty often. You surely have a deep knowledge and I respect you for that and also appreciate you for taking the time to reply exhaustively in most topics and ending up being more than helpful most of the time, but I don't share your attitude, I really hope you improve with that and learn to cool your jets and be more down to earth. Hope you take at least this reply in the right way and as a friendly advice. Regards :)