2

I want to create a byte sequence with a fixed length out of a string which has a variable length. What is the best way to archive this. All bytes should be as different as possible.

The code is used for research for myself, nothing productive.

This has been my first approach for the generation of the bytes:

static byte[] GenerateBytes(string password, Int32 strength)
{
    Byte[] result = new byte[strength];
    Byte[] pwBytes = Encoding.ASCII.GetBytes(password);
    Int32 prime = GetLowerPrime(pwBytes.Length);
    
    // Offset count to avoid values
    Int32 count = prime;
    Int32 sum = 0;
    for (int i = 0; i < result.Length; i++) {
        sum += (result[i] = pwBytes[(count++ % pwBytes.Length)]);
    }
    
    count += prime;
    Int32 pcount = prime;
    for (int i = 0; i < result.Length * 7; i++) {
        result[(i % result.Length)] ^= (Byte)(pwBytes[(count++ % pwBytes.Length)] ^ ((pcount += pwBytes[(count % pwBytes.Length)]) % 255));
    }
    
    return result;
}

And generated some samples with 256 / 128 / 64 generated bytes and counted the unique bytes:

Password "Short":                170  103  60
Password "LongerX":              173  101  55
Password "Really Long":          169  100  57
Password "Unbelivable Safe!0§$": 162  101  56
Password "MCV":                  119  113  61
Password "AAA":                  50   51   50
Password "BBB":                  67   67   52
Password "AAAAAA":               48   48   48

I tried to change the prime selector a bit this improves the generation with short keys but has partly a impact on long ones. I also tracked some statistics of the bytes. Generated and each byte value is used between 9 and 30 times.

What do you think about the results? How can i improve the generation of the bytes?

Improve this question
10
  • I hope you expect to have 2 different strings that will produce the same byte sequence, because your input space is larger than your output space Commented Nov 8, 2012 at 16:47
  • 2
    If this really is for passwords, don't do this yourself - use a recognised cryptographically-strong hashing algorithm. Commented Nov 8, 2012 at 16:48
  • Is there a reason you're not using an off-the-shelf hashing algorithm? Commented Nov 8, 2012 at 16:50
  • If it isn't for passwords, still don't do this yourself - use a well-known, already-implemented hash function such as CRC. Commented Nov 8, 2012 at 16:50
  • 1
    +1 to balance my previous -1 :) Commented Nov 8, 2012 at 22:19

2 Answers 2

Reset to default
2

You seems to be reinventing the wheel. If you need to make key from the password, use hashing function, or, the best way - one of the standard password-based key derivation function. Search for PBKDF2.

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

As much as there's a chance that you're right that he's trying to make a password key, I would say that it is very presumptuous, and doesn't warrant posting an answer to a question that you don't actually know he's asking.
Hashing string/using PBKDF will also feet his needs, if he just need bytes "as different as possible"
@SamIam he wants to generate a fixed-size sequence of bytes from a string. An existing hash algorithm does exactly this -- regardless of whether or not the input was a password.
As already said in comments it's for personal research because i'm interested in creating one for theoretical purposes.
You should check how hash functions are built, they should meet your criteria.
2

well if you really want to roll your own solution that has no real practical use other than theoretical interest, (because this sounds like a homework question) just start off with a one-time pad of random bytes and XOR the pwd with the first few bytes, should give you reasonably high entropy for short pwds.

Improve this answer

1 Comment

Its a pure theoretical interest. ( I made my last homework 10 years ago... :- )

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.