I\'m calculating a SHA2 hash of a certain sensitive key value. I need to store f

Question

I'm calculating a SHA2 hash of a certain sensitive key value. I need to store files on disk using this hash a directory path prefix. So lets say I hash the key value 150023, I get a 32-byte value which in hex is 64-characters long - quite a long filename.

What's the shortest string I can get of this 32-byte hash, that would have some degree of uniqueness? I could use Base64 but that would be about 40 chars. Should I simply truncate the 32-byte hash value? Would it have frequent collisions if I used similar key values?

Explanation / Answer

There are 94 printable ascii characters. Not all of which are valid for file names, however. There should be 64=26 that are valid for file names, so read 6 bits at a time and map those to one of the 64 characters that are valid for file names. That would give you 256/6?43 characters. It will be hard to get much smaller than that.

That process is pretty much base64 anyways, so I'd stick with base64.

Truncation could work depending on your adversary model. What kind of collisions are you worried about? If you are only worried about random collisions, truncation would be fine. If you truncate to 128 bit outputs, you would expect to see a collision after about 264 files. If you are worried about malicious collisions, best to stick with the ?43 characters of base64.

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.