Click here to Skip to main content
14,971,409 members
Please Sign up or sign in to vote.
5.00/5 (1 vote)
See more:
I have been reading and researching extensivly about different types of file signatures to try and understand what is the best and quickest way to single out viruses and as of yesterday I ran into a large stock of Base64 Signatures. Currently my scanner is MD5 Hash but feel it would be of great improvement to add the base64 or to convert MD5 hash to base64 to use.

Any input or advise on this would be greatly accepted as I am nearing my completion of my project and dont want to miss anything that may make the project better.

thank you in advance! :)
Posted
Updated 8-Mar-21 1:50am
Comments
Dale 2012 12-Feb-11 2:53am
   
I am not sure this helps but it may bring some light or spark some interest:

Parts
s - str variable. Receives result.
1,2,4,8,16,32 - encryption algorithm. Also can be 1|4 (BlowFish+Base64), 1|8 (BlowFish+Hex), 2|4 (MD5+Base64) and 2|8 (MD5+Hex), 32|4 (LZO+Base64) and 32|8 (LZO+Hex).
src - string to encrypt or decrypt. If src is str variable, it can contain binary data. Default: s itself.
key - encryption key. String of 1 to 56 characters length.
src2 - second string to hash with src. Optional.
password - password to encrypt or decrypt.
function - name of the function to which the password will be passed. String.
flags - combination of values that depend on algorithm. Default: 0.


The part here that makes me think is 2|4 (MD5+Base64) what does this mean?

Dan, Dan, Dan.

Please, break out your browser, and start to use Google: http://en.wikipedia.org/wiki/Base64[^]

Base 64 is not a hashing algorithm. It is a way of translating data so that is can be reliably transported over non-binary communications links: like converting the byte value 243 (hex: F3) to a two character string "F3", only a lot more efficient since it breaks a stream of 8 bit bytes into 5 bit values and converts them into printable characters.
   
Comments
Dale 2012 12-Feb-11 3:07am
   
ok so can both md5 and base64 signatures be used in one text file to use as a signature definition database (so to speak of)?.....
Dale 2012 12-Feb-11 3:09am
   
Im not looking for code examples or solutions..... Just some explination in terms I can understand without going to deep into the workings of everything. I am eager to learn whatever I can but I am a visual learner with limitaions to what I understand and what More I need to read about to understand if I can.
OriginalGriff 12-Feb-11 3:13am
   
Dan - read what I said. MD5 and Base64 are not the same thing. MD5 is a hashing algorithm. Base64 is a transport algorithm. You can encode an MD5 hash value in Base64 for transport, or you can take an MD5 of a Base64 stream, but they do not do the same job!
   
Dale,
Sorry, you're not eager to learn, really. To me, your words "in terms I can understand without going to deep" is clear indication. Good students try to improve their own level of understanding instead of demanding easier teaching (even though it could help). Please don't take is as an offence, better try to use it for your own sake.
--SA
Dale 2012 12-Feb-11 4:03am
   
ok got ya and thank you to re explain what does what..... :)
   
OP already asked similar, more concrete question. I tried to explain.
--SA
   
Griff, I voted 5 and provided explanation that, more generally, "convertion" (even from one hash to another) not simply impossible, it makes no sense.
However, in the question I mentioned above, OP did not get it, started to go into detail, which are irrelevant because whole idea makes no sense.
--SA
In addition to what Griff said: even if you has something to convert, like one hash into another, I already tried to explain: good hash function is practically irreversable. It is designed is such a way to make any "conversion" impossible. People even use hash to store hashes passwords.

Imagine you have to hash algorithms: h1: (source)=>(hash1) and h2: (source)=>(hash2). If h1 and h2 are not related, "conversion" would imply hash1 => source => hash2, but the first step is theoretically impossible: hash contains less information then the source; that is, two different sources can be hashed into the same result.

—SA
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900