/**
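Get a random password
date is in year-month-day format (yymmdd); privatyKey is an alphanumeric string of about 10 characters
1. Must return 8 pure digits
2. Must be generated from date and privatyKey
3. Every call must generate a random result (with the same date and privatyKey, the returned results must still differ), keeping the repetition rate as low as possible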
**/
getPassword(date,privatyKey){
}
/**
Check a password
Passwords generated by getPassword pass the check; arbitrarily entered passwords do not
**/
checkPassword(date,privatyKey,password){
}
What would be a suitable algorithm?
Learning is the best investment!
1. Build a one-way function from date and privateKey, e.g. `f(num) = SHA256(num ++ date ++ privateKey)` (++ denotes string concatenation)
2. Randomly generate a 3-digit number a, and compute `b = f(a)`
3. Take `c = the first 5 digits in b`, and return `a ++ c`
The unavoidable problem: There are too few things that can be stored in an 8-digit number (1e8 or 2^30).
So this method is almost completely resistant to exhaustion. The attacker only needs to fix the first 3 bits and exhaust the last 5 bits.
When using it, the algorithm itself must be kept secret, or restrictions such as the number of attempts must be added.
A variant that slightly increases the difficulty of exhaustion:
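2. On the first generation return the first 8 digits of f(1), on the second generation return the first 8 digits of f(2), ...
3. When checking, generate f(1) ~ f(100) and check whether the input belongs to this set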
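The three steps above as a Node.js sketch, together with the attempt limit the answer calls for. This is an added example, not code from any of the posters. It assumes that "the first 5 digits in b" means the first five 0-9 characters of the hex digest; the helper names `tag`, `makeLimitedChecker` and `acceptedSuffixes` are hypothetical.

```javascript
const crypto = require('crypto');

// f(num) = SHA256(num ++ date ++ privateKey), as in step 1 of the answer.
function f(num, date, privateKey) {
  return crypto.createHash('sha256').update(num + date + privateKey).digest('hex');
}

// Assumed reading of "first 5 digits in b": first five 0-9 characters of the hex digest.
function tag(a, date, privateKey) {
  return f(a, date, privateKey).replace(/\D/g, '').padEnd(5, '0').slice(0, 5);
}

function getPassword(date, privateKey) {
  const a = String(crypto.randomInt(0, 1000)).padStart(3, '0'); // random 3-digit part
  return a + tag(a, date, privateKey);
}

function checkPassword(date, privateKey, password) {
  if (typeof password !== 'string' || !/^\d{8}$/.test(password)) return false;
  const expected = Buffer.from(tag(password.slice(0, 3), date, privateKey));
  // Both buffers are 5 ASCII bytes here, so a constant-time compare is valid.
  return crypto.timingSafeEqual(expected, Buffer.from(password.slice(3)));
}

// Attempt limit: refuse to evaluate further input after maxFailures wrong guesses.
function makeLimitedChecker(date, privateKey, maxFailures) {
  let failures = 0;
  return (password) => {
    if (failures >= maxFailures) return 'locked';
    if (checkPassword(date, privateKey, password)) return 'ok';
    failures += 1;
    return 'rejected';
  };
}

// For one prefix a, count how many of the 1e5 suffixes are accepted (always 1).
// This is the acceptance rate a limiter has to be sized against.
function acceptedSuffixes(date, privateKey, a) {
  let n = 0;
  for (let i = 0; i < 100000; i++) {
    if (checkPassword(date, privateKey, a + String(i).padStart(5, '0'))) n++;
  }
  return n;
}
```

With exactly one accepted suffix per prefix, a blind guess passes with probability 1e-5, so the failure budget given to `makeLimitedChecker` directly bounds the chance that guessing succeeds.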
You can use a ready-made hash function (such as sha256) to act on (date, pkey). The result is generally much more than 8 digits of pure numerical information. Divide this information into small pieces and return one piece randomly.
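getpass(date, pkey) {
    // pseudocode: split the sha256(date, pkey) output into 10 pieces
    passwords[10] = sha256(date, pkey);
    // return one of the pieces at random
    return passwords[random(1,10)];
}
checkpass(date, pkey, pass) {
    // recompute the same 10 pieces and test membership
    passwords[10] = sha256(date, pkey);
    return (pass in passwords);
}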
If you want to return different results every time, you can use TripleDes
But the result can only be an 8-digit pure number, which is enough