{"id":37,"date":"2009-01-09T20:04:49","date_gmt":"2009-01-09T20:04:49","guid":{"rendered":"http:\/\/www.sanchitkarve.com\/blog\/?p=37"},"modified":"2009-01-09T20:04:49","modified_gmt":"2009-01-09T20:04:49","slug":"another-application-of-one-way-hash-functions","status":"publish","type":"post","link":"https:\/\/www.sanchitkarve.com\/blog\/2009\/01\/09\/another-application-of-one-way-hash-functions\/","title":{"rendered":"Another Application of One-way Hash Functions"},"content":{"rendered":"<p>We\u2019ve all heard of one-way Hash Functions sometime or the other.<br \/>\nMost of us have heard about them from books.<br \/>\nAn Algorithm\u2019s explanation is usually followed by its applications and most books mention only one major application (in security) i.e. implementing password checks and storing them in a database.<\/p>\n<p>I used to wonder: \u201cThat\u2019s it? One Application in Security?\u201d, and searching on the internet (and some more books) didn\u2019t help either.<\/p>\n<p>Luckily, I\u2019ve finally found my answers. Now, I\u2019m able to appreciate one-way Hash functions a lot more because I\u2019ve seen them in action. If I had read about this application in a book I\u2019m sure that I wouldn\u2019t have realized its importance.<\/p>\n<p>A few days ago, Nokia Corporation issued a notice to all customers that some of its BL-5C Model Batteries had some manufacturing defects which could cause them to explode. It asked customers to check if their batteries were manufactured between December 2005 and November 2006 and if so, get the battery replaced for free.<\/p>\n<p>Nokia also allowed its customers to type in their 26 Character Battery Code on their website (www.nokia.com\/batteryreplacement) to see if their battery was faulty or not.<\/p>\n<p>I decided to check the script which finds out when the battery was manufactured. 
I thought that by looking at the source code, I could figure out exactly which batteries were faulty.<\/p>\n<p>This is what the script looks like:<\/p>\n<pre lang=\"javascript\">function rcrcheck_serial()\n{\n   var isgood=false;\n   var serial=document.enterserial.serial.value;\n   var a=\"\";\n   var b=\"\";\n   var c=\"\";\n   if(serial.length&lt;26)\n   {\n      alert(\"The identification number is incorrect. Please check that you have entered the full 26 characters of the battery identification number.\");\n      return false;\n   }\n   if(serial.length&gt;26)\n   {\n      alert(\"The identification number is incorrect. Please check that you have entered the full 26 characters of the battery identification number.\");\n      return false;\n   }\n   a=md5(serial.substr(7,6));\n   b=md5(serial.substr(13,1));\n   c=md5(serial.substr(14,3));\n\n   if(a!=\"ea4a302b5cbd017871ec94fd6ae189b5\"\n   &amp;&amp; a!=\"1f098214896cc40cfabc3b2403a65b75\" \/\/###\n   &amp;&amp; a!=\"fd06cd296b4bf634d85e26884565aa6c\") { \/\/###\n      window.location=\"rcrb2.html\";\n      return false;\n   }\n   if(b==\"8d9c307cb7f3c4a32822a51922d1ceaa\" || b==\"7b8b965ad4bca0e41ab51de7b31363a1\") 
{ \/\/###\n      if(c==\"84eb13cfed01764d9c401219faa56d53\"){return true;} \/\/###\n      if(c==\"d2490f048dc3b77a457e3e450ab4eb38\"){return true;} \/\/###\n      if(c==\"441954d29ad2a375cef8ea524a2c7e73\"){return true;} \/\/###\n      if(c==\"0e51011a4c4891e5c01c12d85c4dcaa7\"){return true;} \/\/###\n      if(c==\"af032fbcb07ffc7bd2569d86ae4ce1f5\"){return true;} \/\/###\n      if(c==\"73f7634ab3f381fb40995f93740b3f8a\"){return true;} \/\/###\n      if(c==\"738cccd4fda172441f216712a488dca6\"){return true;} \/\/###\n      if(c==\"f803dfeb3583d5099a58a7478f28bd75\"){return true;} \/\/###\n      if(c==\"7f5144f962efde75e0f7661e032166db\"){return true;} \/\/###\n      if(c==\"8fc4c7ab4453d247e011738197b6136c\"){return true;} \/\/###\n\n      \/* Some more Comparisons *\/\n\n      if(c==\"defd40204344c9659a0a3eb4ebc125f6\"){return true;} \/\/###\n      if(c==\"c4de9fe96832a877668d0dced80657b8\"){return true;} \/\/###\n      if(c==\"2c62105ee18ecd5f0ee37bc8c35718eb\"){return true;} \/\/###\n      if(c==\"3994f23bfb2b89994bd6e828977b42ae\"){return true;} \/\/###\n      if(c==\"28fd0fbd334515deb8a8291b71941c9e\"){return true;} \/\/###\n      if(c==\"9ac05befca7d6499e3abec9bdfef2b68\"){return true;} \/\/###\n      if(c==\"1732cb437260c60a0744aea8aedfa331\"){return true;} \/\/###\n      if(c==\"e1eee5e2b42d45443cdc82db1a3bc465\"){return true;} \/\/###\n      if(c==\"7d06a9cf10f2e9e47e77d6c6cfaa7f54\"){return true;} \/\/###\n      if(c==\"2618045a3a5fc883e65b6bec2fcac3c8\"){return true;} \/\/###\n      if(c==\"2421fcb1263b9530df88f7f002e78ea5\"){return true;} \/\/###\n      if(c==\"fccb60fb512d13df5083790d64c4d5dd\"){return true;} \/\/###\n      if(c==\"15d4e891d784977cacbfcbb00c48f133\"){return true;} \/\/###\n      if(c==\"c203d8a151612acf12457e4d67635a95\"){return true;} \/\/###\n      if(c==\"13f3cf8c531952d72e5847c4183e6910\"){return true;} \/\/###\n      if(c==\"550a141f12de6341fba65b0ad0433500\"){return true;} \/\/###\n      if(c==\"67f7fb873eaf29526a11a9b7ac33bfac\"){return true;} 
\/\/###\n      if(c==\"1a5b1e4daae265b790965a275b53ae50\"){return true;} \/\/###\n      if(c==\"9a96876e2f8f3dc4f3cf45f02c61c0c1\"){return true;} \/\/###\n      if(c==\"941e1aaaba585b952b62c14a3a175a61\"){return true;} \/\/###\n      if(c==\"9431c87f273e507e6040fcb07dcb4509\"){return true;} \/\/###\n      if(c==\"49ae49a23f67c759bf4fc791ba842aa2\"){return true;} \/\/###\n      if(c==\"e44fea3bec53bcea3b7513ccef5857ac\"){return true;} \/\/###\n      if(c==\"821fa74b50ba3f7cba1e6c53e8fa6845\"){return true;} \/\/###\n      if(c==\"250cf8b51c773f3f8dc8b4be867a9a02\"){return true;} \/\/###\n      if(c==\"42998cf32d552343bc8e460416382dca\"){return true;} \/\/###\n      if(c==\"0353ab4cbed5beae847a7ff6e220b5cf\"){return true;} \/\/###\n      if(c==\"51d92be1c60d1db1d2e5e7a07da55b26\"){return true;} \/\/###\n      if(c==\"428fca9bc1921c25c5121f9da7815cde\"){return true;} \/\/###\n      if(c==\"f1b6f2857fb6d44dd73c7041e0aa0f19\"){return true;} \/\/###\n      if(c==\"68ce199ec2c5517597ce0a4d89620f55\"){return true;} \/\/###\n      if(c==\"e836d813fd184325132fca8edcdfb40e\"){return true;} \/\/###\n      if(c==\"ab817c9349cf9c4f6877e1894a1faa00\"){return true;} \/\/###\n      if(c==\"8e6b42f1644ecb1327dc03ab345e618b\"){return true;} \/\/###\n      if(c==\"ef575e8837d065a1683c022d2077d342\"){return true;} \/\/###\n      if(c==\"2050e03ca119580f74cca14cc6e97462\"){return true;} \/\/###\n      if(c==\"25ddc0f8c9d3e22e03d3076f98d83cb2\"){return true;} \/\/###\n      if(c==\"5ef0b4eba35ab2d6180b0bca7e46b6f9\"){return true;} \/\/###\n      if(c==\"598b3e71ec378bd83e0a727608b5db01\"){return true;} \/\/###\n      if(c==\"74071a673307ca7459bcf75fbd024e09\"){return true;} \/\/###\n   }\n   if(b==\"69691c7bdcc3ce6d5d8a1361f22d04ac\" || b==\"6f8f57715090da2632453988d9a1501b\")\n   { \/\/###\n      if(c==\"2bb232c0b13c774965ef8558f0fbd615\") {return true;} \/\/###\n      if(c==\"ba2fd310dcaa8781a9a652a31baf3c68\") {return true;} \/\/###\n      if(c==\"69421f032498c97020180038fddb8e24\") 
{return true;} \/\/###\n      if(c==\"85422afb467e9456013a2a51d4dff702\") {return true;} \/\/###\n      if(c==\"13f320e7b5ead1024ac95c3b208610db\") {return true;} \/\/###\n   }\n   window.location=\"rcrb2.html\";\n   return false;\n}<\/pre>\n<p>This code is awesome because, even after reading the source code, nobody can figure out which models are faulty. At most, what we can understand is that Battery Information (Date of Manufacture, Location of Manufacture) is present between the 8th and 17th characters. The characters between the 18th and 26th positions could hold the number of batteries manufactured by the factory before the current unit. We also know that the battery is faulty for some 334 combinations of characters between the 14th and 17th positions. But having this knowledge is futile.<\/p>\n<p>Hence by using a one-way Hash Algorithm (MD5 in this case), we can hide such information (factory codes of factories which manufactured the faulty batteries) even in the source code. This way we can protect such vital information from being stolen by anyone even if he has access to the complete source code, and this, according to me, is one of the most brilliant applications of One-way Hash functions.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We\u2019ve all heard of one-way Hash Functions sometime or the other. Most of us have heard about them from books. An Algorithm\u2019s explanation is usually followed by its applications and most books mention only one major application (in security) i.e. implementing password checks and storing them in a database. I used to wonder: \u201cThat\u2019s it? 
One [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[7],"tags":[29,35],"_links":{"self":[{"href":"https:\/\/www.sanchitkarve.com\/blog\/wp-json\/wp\/v2\/posts\/37"}],"collection":[{"href":"https:\/\/www.sanchitkarve.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sanchitkarve.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sanchitkarve.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sanchitkarve.com\/blog\/wp-json\/wp\/v2\/comments?post=37"}],"version-history":[{"count":0,"href":"https:\/\/www.sanchitkarve.com\/blog\/wp-json\/wp\/v2\/posts\/37\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.sanchitkarve.com\/blog\/wp-json\/wp\/v2\/media?parent=37"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sanchitkarve.com\/blog\/wp-json\/wp\/v2\/categories?post=37"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sanchitkarve.com\/blog\/wp-json\/wp\/v2\/tags?post=37"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}