SipHash
Obfuscator-iOS
Our great sponsors
SipHash | Obfuscator-iOS | |
---|---|---|
3 | 1 | |
593 | 629 | |
- | - | |
1.4 | 0.0 | |
about 1 year ago | about 3 years ago | |
C | Objective-C | |
Creative Commons Zero v1.0 Universal | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
SipHash
-
does math.randomseed() let you use letters, or only numbers?
Very fast with security guarantees. These are faster than full cryptographic hashes and fulfill some but not all of the security guarantees. That's not to say that they're weaker, but that they're designed for certain usecases where they are perfectly adequate and others where they fail miserably. Example: SipHash2-4 https://github.com/veorq/SipHash
-
Implementing Hash Tables in C
Note that if you have untrusted input, you may want to use a defensive option for hashing involving a private key, such as SipHash[1]. Otherwise, an attacker who knows your hash functions can just pre-generate a large number of colliding elements and reduce your hash function to a linked list; given enough attacker-controlled elements, this can effectively amount to a DoS attack[2].
[1] https://github.com/veorq/SipHash
[2] https://www.aumasson.jp/siphash/siphashdos_29c3_slides.pdf
-
Getting unique items from a list. Why do they come out in a random order?
Sets are internally ordered by items' hash (rather, the first few bits of it, depending on the # of elements in the set), and strings are hashed with a pseudorandom algorithm.
Obfuscator-iOS
-
I've made a video with Anastasiia Voitova to discuss how unsafe it actually is to store any sensitive information–like an API key–inside the resources of an app. People seemed to have found it useful, so I'm sharing it here 🙌
Why bother using something as complicated as https://github.com/pjebs/Obfuscator-iOS when it can be defeated in a couple of minutes using Proxyman? I don't even have to bother decrypting the ipa using frida.
What are some alternatives?
OpenSSL - TLS/SSL and crypto library
Swift-Sodium - Safe and easy to use crypto for iOS and macOS
Lua - Lua is a powerful, efficient, lightweight, embeddable scripting language. It supports procedural programming, object-oriented programming, functional programming, data-driven programming, and data description.
cocoapods-keys - A key value store for storing per-developer environment and application keys
OpenSSL - Swift OpenSSL for OS X and Linux
CommonCrypto.swift - :trident: CommonCrypto in Swift, and more
cityhash - Automatically exported from code.google.com/p/cityhash
Smile-Lock - A library for make a beautiful Passcode Lock View
SwiftyRSA - RSA public/private key encryption in Swift
SipHash - Simple and secure hashing in Swift with the SipHash algorithm
AES256CBC
Keychain - :key: A keychain wrapper that is so easy to use that your cat could use it.