Monday, 5 January 2015

One-way function for data synchronisation



I have to synchronise small sets of data between two or more systems over an insecure network. First I have to check that the other system has the same unique identification information for the data set, but without giving away the identification data if it doesn't. The unique identification strings are between 12 and 40 bytes long. I am thinking of using a one-way hash to individually hash a group of unique identifiers, send that to the remote system and have the remote system use the same hash salt to hash the same identification data from its datasets (it will have in the order of 1000 sets), compare the received hashes with its computed hashes and send back the identifiers that match (encrypted but not hashed). An obvious requirement is a very low risk of a hash collision to prevent data leakage in either direction.


What is the best hash algorithm to use for this? Is it OK to send the hash salt with the hashed data? Can I use one salt for several identifiers, or do I need to have a unique salt for each identifier?
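The exchange described in the question, as an added example that is not part of the original post. It assumes HMAC-SHA256 keyed with the salt as the one-way function and one random 16-byte salt per batch; the function names, message layout and identifiers are constructed for illustration, and the encryption of the reply is not shown.

```python
import hashlib
import hmac
import secrets

DIGEST_LEN = hashlib.sha256().digest_size  # 32 bytes


def blind(salt: bytes, identifier: str) -> bytes:
    """Salted one-way digest of one identifier (assumed: HMAC-SHA256, salt as key)."""
    return hmac.new(salt, identifier.encode("utf-8"), hashlib.sha256).digest()


def build_request(identifiers):
    """Initiator: draw one fresh salt for the batch and hash each identifier with it."""
    salt = secrets.token_bytes(16)
    return {"salt": salt, "digests": [blind(salt, i) for i in identifiers]}


def match_request(request, local_identifiers):
    """Responder: re-hash local identifiers with the received salt, return the matches.

    Only identifiers the responder already holds can appear in the result.
    In the scheme from the post this reply would be sent encrypted.
    """
    salt = request["salt"]
    wanted = {d for d in request["digests"] if len(d) == DIGEST_LEN}  # drop malformed digests
    return sorted(i for i in local_identifiers if blind(salt, i) in wanted)


# Constructed sample identifiers (12 to 40 bytes each), not real data.
SYSTEM_A = ["ORD-2015-000117-A", "ORD-2015-000245-C", "CUST-7f3a9c12e4b0"]
SYSTEM_B = ["ORD-2015-000245-C", "CUST-7f3a9c12e4b0", "ORD-2014-009981-Z"]


def demo():
    """Run one round: system A asks, system B answers with the shared identifiers."""
    request = build_request(SYSTEM_A)
    return request, match_request(request, SYSTEM_B)


if __name__ == "__main__":
    req, shared = demo()
    print("digests sent:", [d.hex()[:16] for d in req["digests"]])
    print("identifiers both sides hold:", shared)
```

Because the salt travels with the digests, anyone who sees the request can hash candidate identifiers and compare, so the identifiers stay hidden only to the extent they are hard to guess.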




