hiveblocks今天早些时候的帖子提到一个STEEM的菠菜应用Magic Dice,并且我说它解决了透明性和公平性等问题,简单来讲,就是***庄家(服务提供者)无法出老千(控制开奖结果)***。
(图源 :[pixabay](https://pixabay.com/))
在更进一步介绍它如何实现无法出老千这个问题之前,我们先来简单看看和密码学相关的两个概念。因为我不是专家,所以就粗略介绍一下,太深入的讲解就会贻笑大方的。
# HASH
>Hash,一般翻译做“散列”,也有直接音译为“哈希”的,就是把任意长度的输入(又叫做预映射pre-image)通过散列算法变换成固定长度的输出,该输出就是散列值。
——来自百度百科[Hash (散列函数)](https://baike.baidu.com/item/Hash/390310)
这个东西有什么用呢?它的用途之一就是防篡改(其它用途我们暂不讨论)。在我70大寿(Reputation 70)的时候,曾经搞过一次奖励为100个STEEM的抽奖,为了证明抽奖的公平性,中奖数字是已HASH的形式发布到抽奖活动贴里,这样开奖时,公布生成中奖数字的代码,就可以证明我没有作弊。
比如,活动贴中我公布了如下HASH
>💰一等奖抽奖密码: fcc420adc5de61752db7ecfa837564f45c47852b
💰二等将抽奖密码: 69bc4460aaab914869fa8209da3d06f1494ea62d
💰三等将抽奖密码: 0e756e1b5d7dc2bab3d86b3d490d3801b904f929
而开奖贴我公布了如下代码(其中sha1是hash所使用的算法,我们还可以使用MD5、SHA256等等):
>`hashlib.sha1(bytes('一等奖中奖密码:6', 'utf-8')).hexdigest()`
'fcc420adc5de61752db7ecfa837564f45c47852b'
`hashlib.sha1(bytes('二等奖中奖密码:8', 'utf-8')).hexdigest()`
'69bc4460aaab914869fa8209da3d06f1494ea62d'
`hashlib.sha1(bytes('三等奖中奖密码:1', 'utf-8')).hexdigest()`
'0e756e1b5d7dc2bab3d86b3d490d3801b904f929'
如果我想作弊,那么必须用不同的内容,生成相同的HASH,那几乎是不可能的。比特币以及STEEM中签名算法,都用到了HASH函数,这也是防篡改的应用之一吧。
# HMAC
在说HMAC之前,我们在回到HASH上来。以网站常用与身份验证MD5为例,网站一般不保存用户密码,而是保存用户密码的HASH(MD5值),当用户登录授权时,网站必对用户密码以及数据库中的MD5值,判断是否是合法用户。
但是这样做存在一个风险,假设网站包含用户密码MD5值的数据库泄露,那么我用常见密码字典生成一个MD5字典,并于网站数据库中的值进行比对,这样就有很大的可能碰撞出一大堆用户名密码的明文。(彩虹攻击)
那么如何防止这种情况呢?简单的办法是加一个混淆量,比如之前的代码:
>`hashlib.sha1(bytes('一等奖中奖密码:6', 'utf-8')).hexdigest()`
可以改成
>`hashlib.sha1(bytes('mypassword'+'一等奖中奖密码:6', 'utf-8')).hexdigest()`
但是一种更简单更安全的方式是使用HMAC,简单来讲,可以理解为***带密码的HASH***。
所以上述代码可以改写成:
>`hmac.new(b'mypassword', bytes('一等奖中奖密码:6', 'utf-8'), digestmod='SHA1').hexdigest()`
想了解更多详情的,可以移步https://en.wikipedia.org/wiki/HMAC,总之我是看不懂啦。
(图源 :[pixabay](https://pixabay.com/))
就这样了,再多说就要暴露我其实啥也不懂的事实了,言多必失啊。
----
<center><strong>Vote For Me As Witness</strong>
https://steemit.com/~witnesses type in **`oflyhigh`** and click ***`VOTE`***
[](https://steemit.com/~witnesses)
[Vote @oflyhigh via Steemconnect](https://steemconnect.com/sign/account-witness-vote?witness=oflyhigh&approve=1)
<strong>Thank you!</strong></center>| author | oflyhigh |
|---|---|
| permlink | hash-hmac |
| category | cn |
| json_metadata | {"tags":["cn","hash","hmac","cn-programming"],"image":["https://steemitimages.com/DQmRkLq6rRew3mHfx4vYGWyqpC8wSebLPeC2iZCXAdpuGkR/image.png","https://cdn.steemitimages.com/DQmT5UpzBvHpwci9Xxp3AYBVnn1gp6KawnV1aTdDX26JNGf/image.png","https://cdn.steemitimages.com/DQmX5NysqT44FBa3bhuWqQ69nAbseu8Nt5YQPn2pYejPVxA/image.png"],"links":["https://pixabay.com/","https://baike.baidu.com/item/Hash/390310","https://en.wikipedia.org/wiki/HMAC,总之我是看不懂啦。","https://steemit.com/~witnesses","https://steemconnect.com/sign/account-witness-vote?witness=oflyhigh&approve=1"],"app":"steemit/0.1","format":"markdown"} |
| created | 2018-12-16 10:22:33 |
| last_update | 2018-12-16 10:22:33 |
| depth | 0 |
| children | 1 |
| last_payout | 2018-12-23 10:22:33 |
| cashout_time | 1969-12-31 23:59:59 |
| total_payout_value | 14.868 HBD |
| curator_payout_value | 4.521 HBD |
| pending_payout_value | 0.000 HBD |
| promoted | 0.000 HBD |
| body_length | 2,368 |
| author_reputation | 6,360,760,914,385,872 |
| root_title | 每天进步一点点:HASH以及HMAC |
| beneficiaries | [] |
| max_accepted_payout | 1,000,000.000 HBD |
| percent_hbd | 0 |
| post_id | 76,913,796 |
| net_rshares | 33,255,122,786,873 |
| author_curate_reward | "" |
| voter | weight | wgt% | rshares | pct | time |
|---|---|---|---|---|---|
| abit | 0 | 413,903,805,274 | 100% | ||
| adm | 0 | 18,890,370,548,495 | 100% | ||
| thecryptodrive | 0 | 162,873,459,064 | 25% | ||
| wongshiying | 0 | 1,322,530,214 | 100% | ||
| blockchainbilly | 0 | 5,100,458,849 | 50% | ||
| jesse5th | 0 | 65,628,640 | 50% | ||
| deanliu | 0 | 1,418,044,281,009 | 100% | ||
| ace108 | 0 | 401,695,284,439 | 25% | ||
| laoyao | 0 | 37,183,536,623 | 100% | ||
| somebody | 0 | 786,681,960,834 | 100% | ||
| midnightoil | 0 | 137,260,857,654 | 100% | ||
| xiaohui | 0 | 750,055,618,511 | 100% | ||
| silentlucidity53 | 0 | 0 | 75% | ||
| oflyhigh | 0 | 2,751,720,150,882 | 100% | ||
| xiaokongcom | 0 | 203,164,711 | 100% | ||
| yulan | 0 | 15,666,758,626 | 100% | ||
| chinadaily | 0 | 248,039,327,963 | 100% | ||
| helene | 0 | 946,335,145,825 | 100% | ||
| ethansteem | 0 | 279,637,404,852 | 100% | ||
| jianghao | 0 | 181,676,029 | 10% | ||
| eforucom | 0 | 24,865,389,768 | 1.16% | ||
| redes | 0 | 1,509,613,205,036 | 29% | ||
| lalala | 0 | 202,712,154,660 | 100% | ||
| bukiland | 0 | 2,780,863,757 | 0.81% | ||
| devilwsy | 0 | 2,331,060,470 | 100% | ||
| janiceting | 0 | 2,327,655,287 | 100% | ||
| lydiachan | 0 | 36,257,350,939 | 100% | ||
| romaldos | 0 | 0 | 1% | ||
| newhope | 0 | 2,411,022,273,298 | 29% | ||
| blackbunny | 0 | 155,859,433,388 | 100% | ||
| bxt | 0 | 207,244,877,607 | 100% | ||
| lingfei | 0 | 70,792,265,527 | 100% | ||
| yyyy | 0 | 426,832,348 | 100% | ||
| elviento | 0 | 525,501,798 | 0.7% | ||
| austinsandersco | 0 | 730,364,217 | 70% | ||
| teachblogger | 0 | 4,576,435,191 | 50% | ||
| kingofdew | 0 | 45,609,501,825 | 100% | ||
| frankintaiwan | 0 | 0 | 10% | ||
| wylo | 0 | 555,800,896 | 100% | ||
| susanlo | 0 | 75,926,356,073 | 100% | ||
| jkkim | 0 | 27,068,039 | 10% | ||
| ebejammin | 0 | 6,100,471,253 | 100% | ||
| cryptohustler | 0 | 34,289,997,959 | 100% | ||
| traindriver | 0 | 554,714,820 | 100% | ||
| exec | 0 | 83,392,318,019 | 100% | ||
| eval | 0 | 691,869,703 | 100% | ||
| catchawhale | 0 | 43,677,198,478 | 20% | ||
| speeding | 0 | 3,665,856,174 | 100% | ||
| walkinharmony | 0 | 15,149,882,433 | 40% | ||
| asterix87 | 0 | 14,081,518,495 | 100% | ||
| canbethisone | 0 | 4,109,230,449 | 50% | ||
| haiyangdeperci | 0 | 6,940,752,923 | 20% | ||
| abetterworld | 0 | 2,903,570,143 | 100% | ||
| raili | 0 | 5,405,528,845 | 50% | ||
| that1consultant | 0 | 252,556,455 | 100% | ||
| sanzo | 0 | 352,339,796 | 100% | ||
| davaowhenyo | 0 | 556,343,454 | 100% | ||
| allenshayzar | 0 | 556,343,454 | 100% | ||
| raku | 0 | 554,195,243 | 100% | ||
| resteeming | 0 | 556,739,354 | 100% | ||
| ravenousappetite | 0 | 556,343,454 | 100% | ||
| aabb | 0 | 13,078,643,019 | 100% | ||
| auntigormint | 0 | 487,652,273 | 100% | ||
| mrliga | 0 | 20,751,445,007 | 100% | ||
| marlon6 | 0 | 26,917,136,136 | 17% | ||
| sweethoney | 0 | 238,258,403 | 100% | ||
| liangfengyouren | 0 | 1,843,537,291 | 50% | ||
| idx | 0 | 12,924,170,153 | 100% | ||
| jiangchen | 0 | 11,775,563,268 | 100% | ||
| lancy | 0 | 4,498,716,360 | 92% | ||
| bearpaw | 0 | 52,725,040 | 100% | ||
| freedom-fighter | 0 | 556,343,454 | 100% | ||
| technologynepal | 0 | 554,195,243 | 100% | ||
| chenlocus | 0 | 1,261,060,439 | 40% | ||
| dgorbunov | 0 | 497,510,834 | 100% | ||
| khalilad | 0 | 557,193,055 | 100% | ||
| ms8988 | 0 | 552,893,998 | 100% | ||
| xiaoshancun | 0 | 4,220,468,523 | 100% | ||
| stakuza | 0 | 345,246,478 | 100% | ||
| holmesian | 0 | 175,505,805 | 100% | ||
| ikonik | 0 | 343,531,738 | 100% | ||
| vfxness | 0 | 17,564,599 | 100% | ||
| lemminon | 0 | 557,193,055 | 100% | ||
| bobdos | 0 | 8,601,607,634 | 50% | ||
| heyeshuang | 0 | 607,619,547 | 100% | ||
| razor80 | 0 | 547,714,469 | 100% | ||
| fastiduos | 0 | 557,193,055 | 100% | ||
| winniex | 0 | 3,521,565,807 | 10% | ||
| rebecca80 | 0 | 146,073,542 | 100% | ||
| weavingwords | 0 | 61,006,216,987 | 100% | ||
| nitro.live | 0 | 273,739,622 | 100% | ||
| huatanzhang | 0 | 1,750,069,423 | 100% | ||
| chaerin | 0 | 160,662,300 | 100% | ||
| windowglass | 0 | 8,755,995,524 | 30% | ||
| cnbuddy | 0 | 1,107,360,782 | 0.1% | ||
| chann | 0 | 3,736,850,271 | 20% | ||
| coindzs | 0 | 6,095,933,965 | 100% | ||
| shakailove | 0 | 196,582,030 | 2.75% | ||
| steemitag | 0 | 3,325,737,829 | 10% | ||
| ewq | 0 | 79,233,117 | 3% | ||
| iguazi123 | 0 | 100,356,185 | 4% | ||
| daeshawn | 0 | 364,075,360 | 2.25% | ||
| maiyude | 0 | 842,787,432 | 5% | ||
| osobiggie | 0 | 140,450,211 | 1.2% | ||
| kennybrown | 0 | 100,657,491 | 1% | ||
| amayahaley21 | 0 | 56,911,071 | 1% | ||
| yjcps | 0 | 4,215,424,892 | 100% | ||
| historylover | 0 | 1,007,968,046 | 100% | ||
| btccurrency1 | 0 | 65,678,925 | 100% | ||
| ethanlee | 0 | 3,541,052,144 | 100% | ||
| fredo77200 | 0 | 3,606,432,548 | 100% | ||
| fanso | 0 | 1,563,241,691 | 100% | ||
| sweetpee | 0 | 165,725,192 | 1% | ||
| cryptoknight27 | 0 | 556,954,377 | 100% | ||
| let-it-fly | 0 | 852,849,953 | 100% | ||
| khayziljoy | 0 | 66,181,431 | 100% | ||
| hepeng.chn | 0 | 97,372,378 | 100% | ||
| honoru | 0 | 6,057,525,572 | 100% | ||
| agoha | 0 | 167,397,350 | 50% | ||
| ardi94 | 0 | 9,228,992,395 | 75% | ||
| azimiro | 0 | 526,974,150 | 100% | ||
| moneybaby | 0 | 28,804,118 | 10% | ||
| bambugrove | 0 | 435,925,902 | 100% | ||
| astros | 0 | 2,526,323,262 | 100% | ||
| cookiees | 0 | 527,090,872 | 100% | ||
| partiko | 0 | 297,604,952,141 | 3% | ||
| money-way | 0 | 383,856,554 | 100% | ||
| decagonour | 0 | 526,939,275 | 100% | ||
| doneliseo | 0 | 63,960,570 | 76% | ||
| steemcircle | 0 | 167,990,569 | 10% | ||
| alijewel | 0 | 550,603,598 | 100% | ||
| gpcx86 | 0 | 108,986,141 | 5% | ||
| blues-wclouds | 0 | 125,737,135 | 100% | ||
| julian2013 | 0 | 2,929,384,960 | 10% | ||
| steeming-hot | 0 | 46,993,079 | 0.25% | ||
| jmiller05 | 0 | 115,929,271 | 2% | ||
| bitalk-cc | 0 | 364,463,987,563 | 100% | ||
| hongman96 | 0 | 385,920,908 | 100% | ||
| slientstorm | 0 | 3,997,266,924 | 50% | ||
| emmyluluameh | 0 | 63,031,086 | 50% | ||
| trimminiature | 0 | 528,028,459 | 100% | ||
| lkvictor2005 | 0 | 9,176,272,884 | 100% | ||
| cryptorunway | 0 | 64,077,909 | 50% | ||
| ygrj | 0 | 125,078,545 | 5% | ||
| sherdzio | 0 | 62,576,346 | 75% | ||
| starrouge | 0 | 77,561,350 | 4% | ||
| nineteensixteen | 0 | 1,647,107,314 | 4.8% | ||
| stmpay | 0 | 6,519,993,433 | 2.02% | ||
| dominancefels | 0 | 531,346,222 | 100% | ||
| pastpoles | 0 | 531,345,209 | 100% | ||
| avalonprosky | 0 | 82,192,637 | 75% | ||
| bluesniper | 0 | 29,069,833,470 | 2% | ||
| sskiller | 0 | 74,393,710 | 30% | ||
| steemall | 0 | 74,235,949 | 30% | ||
| cnstm | 0 | 69,337,383,622 | 8% | ||
| likuang007 | 0 | 269,231,632 | 8% | ||
| mbappe | 0 | 929,810,398 | 2.4% | ||
| lianjingmedia | 0 | 93,155,465 | 8% |
Thank you so much for participating the Partiko Delegation Plan Round 1! We really appreciate your support! As part of the delegation benefits, we just gave you a 3.00% upvote! Together, let’s change the world!
| author | partiko |
|---|---|
| permlink | re-hash-hmac-20181216t103007 |
| category | cn |
| json_metadata | "" |
| created | 2018-12-16 10:30:09 |
| last_update | 2018-12-16 10:30:09 |
| depth | 1 |
| children | 0 |
| last_payout | 2018-12-23 10:30:09 |
| cashout_time | 1969-12-31 23:59:59 |
| total_payout_value | 0.000 HBD |
| curator_payout_value | 0.000 HBD |
| pending_payout_value | 0.000 HBD |
| promoted | 0.000 HBD |
| body_length | 210 |
| author_reputation | 39,207,160,334,751 |
| root_title | 每天进步一点点:HASH以及HMAC |
| beneficiaries | [] |
| max_accepted_payout | 1,000,000.000 HBD |
| percent_hbd | 10,000 |
| post_id | 76,913,966 |
| net_rshares | 0 |