Upgrade to Pro — share decks privately, control downloads, hide ads and more …

ハッシュと暗号は違うぞ! / Do not confuse hashes and ciphers.

Sponsored · Ship Features Fearlessly Turn features on and off without deploys. Used by thousands of Ruby developers.
Avatar for HASEGAWA Tomoki HASEGAWA Tomoki
January 31, 2017
Programming
22k
6

ハッシュと暗号は違うぞ! / Do not confuse hashes and ciphers.

PHP勉強会#110での発表資料です。

Avatar for HASEGAWA Tomoki

HASEGAWA Tomoki

January 31, 2017

More Decks by HASEGAWA Tomoki

See All by HASEGAWA Tomoki
3Dプリンタでコレはこう作る! - マルチディスプレイ用モニタアームマウンタの作り方 / Made with a 3D Printer: DIY Multi-Display Monitor Arm Mount
Avatar for HASEGAWA Tomoki tomzoh
0
80
デシリアライゼーションを理解する / Inside Deserialization
Avatar for HASEGAWA Tomoki tomzoh
0
570
PHPer Book Revue: CPUの創りかた / How to Build a CPU
Avatar for HASEGAWA Tomoki tomzoh
0
79
超入門3Dプリンタ: 生活を便利にするモノを作ろう / Getting Started with 3D Printing: Making small things that quietly improve your daily life.
Avatar for HASEGAWA Tomoki tomzoh
0
88
最新ハードウェアの中の8ビットCPU / The Hidden Power of 8-Bit CPUs in Modern Hardware
Avatar for HASEGAWA Tomoki tomzoh
0
140
PHPからはじめるコンピュータアーキテクチャ / From Scripts to Silicon: A Journey Through the Layers of Computing Hiroshima 2025 Edition
Avatar for HASEGAWA Tomoki tomzoh
0
400
PHPからはじめるコンピュータアーキテクチャ / From Scripts to Silicon: A Journey Through the Layers of Computing
Avatar for HASEGAWA Tomoki tomzoh
5
870
低レイヤを知りたいPHPerのためのCコンパイラ作成入門 完全版 / Building a C Compiler for PHPers Who Want to Dive into Low-Level Programming - Expanded
Avatar for HASEGAWA Tomoki tomzoh
6
4.7k
カンファレンスのつくりかた / The Conference Code: What Makes It All Work
Avatar for HASEGAWA Tomoki tomzoh
11
2.3k

Other Decks in Programming

See All in Programming
ECR拡張スキャンでSBOMを収集して サプライチェーン攻撃の影響調査を 爆速で終わらせてみた
Avatar for アキキー | Akihisa Ikeda akihisaikeda
2
190
Zod v4 Codec でスキーマに型変換を埋め込む REST API 設計 #TSKaigi2026
Avatar for Ryutaro Yako ryutaro_yako
0
140
Spec-Driven Development with AI-Agents: From High-Level Requirements to Working Software
Avatar for Anton Arhipov antonarhipov
2
320
Swiftのレキシカルスコープ管理
Avatar for kntk kntkymt
0
190
プロパティの順序で型推論が壊れる!? TypeScript6.0の修正からContext-Sensitivityの仕組みを追う
Avatar for おおいし bicstone
2
990
サプライチェーン攻撃対策「層を重ねて落ちない壁」を10日間で組み上げた話 #TechLeadConf2026
Avatar for Kashun Yoshida kashewnuts
1
360
横断組織出身のQAEがインプロセスQAEでつまずいたこと・活かせたこと
Avatar for Taiki Yamashita ty89
0
180
AI駆動開発で崩れていくコードベースを立て直す
Avatar for Kyoko NR kyoko_nr_nr
1
350
密結合なバックエンドから TypeScript のコードを生成する
Avatar for kemuridama kemuridama
1
330
Spec-Driven Development with AI Agents (Workshop, May 2026)
Avatar for Anton Arhipov antonarhipov
4
430
AI時代になぜ書くのか
Avatar for Mutz mutsumix
0
450
柔軟なPDFレイアウトエディタを支える型システム設計 — Discriminated UnionとConditional Typeの実践
Avatar for minako-ph minako__ph
3
560

Featured

See All Featured
How to Think Like a Performance Engineer
Avatar for Harry Roberts csswizardry
28
2.6k
The AI Revolution Will Not Be Monopolized: How open-source beats economies of scale, even for LLMs
Avatar for Ines Montani inesmontani
PRO
3
3.5k
Reality Check: Gamification 10 Years Later
Avatar for Sebastian Deterding codingconduct
0
2.2k
Marketing to machines
Avatar for Jono Alderson jonoalderson
1
5.3k
Balancing Empowerment & Direction
Avatar for Lara Hogan lara
6
1.1k
The Power of CSS Pseudo Elements
Avatar for Geoffrey Crofte geoffreycrofte
82
6.2k
Leading Effective Engineering Teams in the AI Era
Avatar for Addy Osmani addyosmani
9
2k
Redefining SEO in the New Era of Traffic Generation
Avatar for Szymon Słowik szymonslowik
1
300
Put a Button on it: Removing Barriers to Going Fast.
Avatar for kastner kastner
60
4.3k
A Modern Web Designer's Workflow
Avatar for Chris Coyier chriscoyier
698
190k
Bridging the Design Gap: How Collaborative Modelling removes blockers to flow between stakeholders and teams @FastFlow conf
Avatar for Kenny Baas-Schwegler baasie
0
560
Digital Projects Gone Horribly Wrong (And the UX Pros Who Still Save the Day) - Dean Schuster
Avatar for UX Y'all uxyall
0
1.5k

Transcript

  1. ίϯϐϡʔλͷجૅ1 ϋογϡͱ҉߸͸ҧ͏ͧʂʂ ௕୩઒ஐر HASEGAWA Tomoki

  2. ライフワーク: Web / iOSアプリ開発, ビール, 電子工作,
 サッカー観戦, レンタルカートレース, … 長谷川

    智希 Web / iOS App Development, Beer, IoT, Watch soccer match, Rental Kart Racing, … デジタルサーカス株式会社 副団長CTO Digital Circus, Inc. Vice-master CTO Tokyo, Japan Lifework: @tomzoh
  3. None
  4. None

  5. WE ARE HIRING!! Web Development Mobile App Development ( )

    (iOS, Android) http://www.dgcircus.com Omotesando, Tokyo

  6. ࠓ೔ͷςʔϚ • ࣮ࡍʹ͋ͬͨ΍ΓͱΓ:
 ͓٬͞·ʮηΩϡϦςΟ্DBʹύεϫʔυΛอଘ͠ͳ͍Ͱɻʯ
 ๭ϕϯμʮͰ͸ύεϫʔυ͸҉߸Խͯ͠อଘ͠·͠ΐ͏ɻʯ
 ΅͘ʮ·ͬͯʂʂʂʂ ʯ • ϋογϡͱ҉߸ͷҧ͍͕ཧղ͞Ε͍ͯͳ͍͜Μͳੈͷ த͡ΌϙΠζϯ☠

    • ίϯϐϡʔλΤϯδχΞͱͯͪ͠ΌΜͱཧղͯ͠ɺਖ਼ ͘͠ϋογϡ΍҉߸ԽΛ࢖͓͏ɻ

  7. ϋογϡ

  8. ϋογϡ • γεςϜ։ൃɺಛʹWebγεςϜͰ͸࣌ͱͯ͠ϋο γϡΛ࢖͏ɻ • ͦͷಛੑΛཧղ͠ͳ͍ͰϋογϡΛ࢖༻͢Δͱɺ ηΩϡϦςΟ੬ऑੑΛ๊͑ΔՄೳੑ͕͋Δɻ • ϋογϡͷಛੑΛཧղͯ͠ਖ਼͘͠࢖͍·͠ΐ͏ɻ

  9. ϋογϡͱ͸Կ͔

  10. ӳ୯ޠͱͯ͠ͷҙຯ:

  11. None

  12. ΢ΟΩϖσΟΞͰݟΔͱ:

  13. None
  14. None

  15. ϋογϡͱ͸Կ͔ • ʮσʔλ͔Βࢉग़ͨ͠খ͞ͳ஋ɻ֤σʔλΛ۠ผɾ දݱ͢Δ໨తʹ༻͍Δʯ • σʔλΛϋογϡؔ਺ʹೖྗ͢Δͱɺϋογϡ஋ ͕ग़ྗ͞ΕΔɻ • ϋογϡؔ਺ͷྫ: md5,

    sha-1, sha-2 …

  16. ϋογϡؔ਺ͷಛ௃ Α͘࢖ΘΕΔϋογϡؔ਺͸͜Μͳ෩ʹઃܭ͞Ε͍ͯΔ: • Կ౓΍ͬͯ΋ಉ͡ϋογϡ஋ʹͳΔ • ͲΜͳσʔλΛೖྗͯ͠΋ಉ͡௕͞ͷϋογϡ஋ʹͳΔ • ผͷσʔλʹରͯ͠͸͍͍ͩͨผͷϋογϡ஋ʹͳΔ • ϋογϡ஋͔ΒݩͷσʔλΛࢉग़͢Δ͜ͱ͸΄΅Ͱ͖ͳ͍

  17. ϋογϡؔ਺ͷ༻్

  18. ϋογϡؔ਺ͷ༻్1 ʮμ΢ϯϩʔυ͖ͯͨ͠ϑΝΠϧɺ
 ͪΌΜͱμ΢ϯϩʔυͰ͖͔ͨͳ…ʯ • μ΢ϯϩʔυݩʹϋογϡؔ਺ͱϋογϡ஋Λදࣔɻ • μ΢ϯϩʔυͨ͠ϑΝΠϧͷϋογϡ஋ΛखݩͰܭࢉͯͦ͠Ε ͱൺֱ͢Δɻ • ϋογϡ஋͕߹͑͹OKɻ

    • ϑΝΠϧ͕վ͟Μ͞Ε͍ͯͨΓɺμ΢ϯϩʔυʹࣦഊ͍ͯ͠Ε͹ϋο γϡ஋͕߹Θͳ͍ɻ • aptͱ͔yumͰ΋಺෦తʹ࢖༻͞Ε͍ͯΔɻ

  19. UbuntuͷISO഑෍αΠτ

  20. UbuntuͷISO഑෍αΠτ

  21. UbuntuͷISO഑෍αΠτ c94d54942a2954cf852884d656224186 *ubuntu-16.04-desktop-amd64.iso 610c4a399df39a78866f9236b8c658da *ubuntu-16.04-desktop-i386.iso 23e97cd5d4145d4105fbf29878534049 *ubuntu-16.04-server-amd64.img 23e97cd5d4145d4105fbf29878534049 *ubuntu-16.04-server-amd64.iso 494c03028524dff2de5c41a800674692

    *ubuntu-16.04-server-i386.img 494c03028524dff2de5c41a800674692 *ubuntu-16.04-server-i386.iso 17643c29e3c4609818f26becf76d29a3 *ubuntu-16.04.1-desktop-amd64.iso 9e4e30c37c99b4e029b4bfc2ee93eec2 *ubuntu-16.04.1-desktop-i386.iso d2d939ca0e65816790375f6826e4032f *ubuntu-16.04.1-server-amd64.img d2d939ca0e65816790375f6826e4032f *ubuntu-16.04.1-server-amd64.iso 455206c599c25d6a576ba23ca906741a *ubuntu-16.04.1-server-i386.img 455206c599c25d6a576ba23ca906741a *ubuntu-16.04.1-server-i386.iso

  22. ϋογϡؔ਺ͷ༻్2 ʮ/node/1ͱ͔ɺID͕URLʹؙݟ͑ͳͷΧοί
 ѱ͍ͳ…ʯ • IDΛϋογϡؔ਺ͷೖྗͱ͠ɺURLʹ͸ϋογϡ஋Λ࢖͏ɻ • /user/9e4e30c37c99b4e029b4bfc2ee93eec2

  23. ϋογϡؔ਺ͷ༻్3 ʮύεϫʔυΛͦͷ··DBʹอଘ͢Δͷ͸ةݥɻʯ • Ϣʔβ͕ೖྗͨ͠ύεϫʔυ͕Ϣʔβ͕ઃఆͨ͠΋ͷͱಉ͔͕͡ ෼͔Ε͹ྑ͍ɻ • ϋογϡؔ਺ΛܾΊ͓͖ͯɺDBʹ͸ύεϫʔυͷϋογϡ஋Λอ ଘ͢Δɻ • ࣍ճϩάΠϯ࣌ʹϢʔβ͕ೖྗͨ͠จࣈྻ͔Βϋογϡ஋Λܭࢉ

    ͠ɺDBʹอଘ͞Εͨ΋ͷͱൺֱ͢Δɻ • ϋογϡ஋͕߹͑͹Ϣʔβ͕ೖྗͨ͠จࣈྻ͸ͦͷϢʔβ͕ઃఆͨ͠ ύεϫʔυͱ౳͍͠ɻ • DB͕ྲྀग़ͯ͠΋ύεϫʔυ͸όϨͳ͍ɻ

  24. ϋογϡͷಛੑʹΑΔ஫ҙࣄ߲

  25. ϋογϡؔ਺ͷ༻్1 ʮμ΢ϯϩʔυ͖ͯͨ͠ϑΝΠϧɺ
 ͪΌΜͱμ΢ϯϩʔυͰ͖͔ͨͳ…ʯ • μ΢ϯϩʔυݩʹϋογϡؔ਺ͱϋογϡ஋Λදࣔɻ • μ΢ϯϩʔυͨ͠ϑΝΠϧͷϋογϡ஋ΛखݩͰܭࢉͯͦ͠Ε ͱൺֱ͢Δɻ • ϋογϡ஋͕߹͑͹OKɻ

    • ϑΝΠϧ͕վ͟Μ͞Ε͍ͯͨΓɺμ΢ϯϩʔυʹࣦഊ͍ͯ͠Ε͹ϋο γϡ஋͕߹Θͳ͍ɻ • aptͱ͔yumͰ΋಺෦తʹ࢖༻͞Ε͍ͯΔɻ

  26. ϋογϡؔ਺ͷಛ௃ Α͘࢖ΘΕΔϋογϡؔ਺͸͜Μͳ෩ʹઃܭ͞Ε͍ͯΔ: • Կ౓΍ͬͯ΋ಉ͡ϋογϡ஋ʹͳΔ • ͲΜͳσʔλΛೖྗͯ͠΋ಉ͡௕͞ͷϋογϡ஋ʹͳΔ • ผͷσʔλʹରͯ͠͸͍͍ͩͨผͷϋογϡ஋ʹͳΔ • ϋογϡ஋͔ΒݩͷσʔλΛࢉग़͢Δ͜ͱ͸΄΅Ͱ͖ͳ͍

  27. ϋογϡ஋িಥʹΑΔ߈ܸ ਆιϑτ͕Ͱ͖ͨͷͰެ։͢ΔΑɻ ϋογϡ஋෇͖Ͷɻ

  28. ϋογϡ஋িಥʹΑΔ߈ܸ ਆιϑτ͕Ͱ͖ͨͷͰެ։͢ΔΑɻ ϋογϡ஋෇͖Ͷɻ ΢ΟϧεೖΕͯ…ɻ຤ඌʹΰϛσʔλ෇͚Ճ͑ͯϋο γϡ஋ಉ͡ʹͳΔ༷ʹͨ͠Ζɻ

  29. ϋογϡ஋িಥʹΑΔ߈ܸ μ΢ϯϩʔυͨ͠ϑΝΠϧɺେৎ෉͔ͳʁ ϋογϡ஋߹ͬͯΔ͠OKʂ ਆιϑτ͕Ͱ͖ͨͷͰެ։͢ΔΑɻ ϋογϡ஋෇͖Ͷɻ ΢ΟϧεೖΕͯ…ɻ຤ඌʹΰϛσʔλ෇͚Ճ͑ͯϋο γϡ஋ಉ͡ʹͳΔ༷ʹͨ͠Ζɻ

  30. ϋογϡ஋িಥʹΑΔ߈ܸ μ΢ϯϩʔυͨ͠ϑΝΠϧɺେৎ෉͔ͳʁ ϋογϡ஋߹ͬͯΔ͠OKʂ ਆιϑτ͕Ͱ͖ͨͷͰެ։͢ΔΑɻ ϋογϡ஋෇͖Ͷɻ ΢ΟϧεೖΕͯ…ɻ຤ඌʹΰϛσʔλ෇͚Ճ͑ͯϋο γϡ஋ಉ͡ʹͳΔ༷ʹͨ͠Ζɻ ͗Όʔʂ΢ΟϧεೖΓͩͬͨʂʂʂ

  31. ϋογϡ஋িಥʹΑΔ߈ܸ μ΢ϯϩʔυͨ͠ϑΝΠϧɺେৎ෉͔ͳʁ ϋογϡ஋߹ͬͯΔ͠OKʂ ਆιϑτ͕Ͱ͖ͨͷͰެ։͢ΔΑɻ ϋογϡ஋෇͖Ͷɻ ΢ΟϧεೖΕͯ…ɻ຤ඌʹΰϛσʔλ෇͚Ճ͑ͯϋο γϡ஋ಉ͡ʹͳΔ༷ʹͨ͠Ζɻ ͗Όʔʂ΢ΟϧεೖΓͩͬͨʂʂʂ Ͳ͏ͨ͠ΒΑ͔ͬͨʁ

  32. ϋογϡ஋িಥʹΑΔ߈ܸͷରࡦ • Ͳ͏͠Α͏΋ͳ͍ɻ • ϋογϡ஋ͷিಥΛҙਤతʹى͜͠ʹ͍͘ΞϧΰϦ ζϜΛ࢖͏͔͠ͳ͍ɻ

  33. ϋογϡ஋িಥʹΑΔ߈ܸͷରࡦ • Ͳ͏͠Α͏΋ͳ͍ɻ • ϋογϡ஋ͷিಥΛҙਤతʹى͜͠ʹ͍͘ΞϧΰϦ ζϜΛ࢖͏͔͠ͳ͍ɻ

  34. ϋογϡؔ਺ͷ༻్2 ʮ/node/1ͱ͔ɺID͕URLʹؙݟ͑ͳͷΧοί
 ѱ͍ͳ…ʯ • IDΛϋογϡؔ਺ͷೖྗͱ͠ɺURLʹ͸ϋογϡ஋Λ࢖͏ɻ • /user/9e4e30c37c99b4e029b4bfc2ee93eec2

  35. ݯ૾ܭࢉʹΑΔ߈ܸ /node/1 ͬͯͷ΋ΞϨͳͷͰϋογϡԽͨ͠Ζɻ $url = sprintf("/user/%s", md5($user_id));

  36. ݯ૾ܭࢉʹΑΔ߈ܸ /node/1 ͬͯͷ΋ΞϨͳͷͰϋογϡԽͨ͠Ζɻ $url = sprintf("/user/%s", md5($user_id)); ͜ͷจࣈྻͷฒͼɺmd5ͩͳɻͲ͏ͤݩ͸࿈൪ͩΖɻ for ($i

    = 0; $i < 1000; $i++)} $page = file_get_contents(
 sprintf("/user/%s", md5($i))); }

  37. ݯ૾ܭࢉʹΑΔ߈ܸ /node/1 ͬͯͷ΋ΞϨͳͷͰϋογϡԽͨ͠Ζɻ $url = sprintf("/user/%s", md5($user_id)); ͜ͷจࣈྻͷฒͼɺmd5ͩͳɻͲ͏ͤݩ͸࿈൪ͩΖɻ for ($i

    = 0; $i < 1000; $i++)} $page = file_get_contents(
 sprintf("/user/%s", md5($i))); } શ෦όϨͨʂ

  38. ݯ૾ܭࢉʹΑΔ߈ܸ /node/1 ͬͯͷ΋ΞϨͳͷͰϋογϡԽͨ͠Ζɻ $url = sprintf("/user/%s", md5($user_id)); ͜ͷจࣈྻͷฒͼɺmd5ͩͳɻͲ͏ͤݩ͸࿈൪ͩΖɻ for ($i

    = 0; $i < 1000; $i++)} $page = file_get_contents(
 sprintf("/user/%s", md5($i))); } શ෦όϨͨʂ Ͳ͏ͨ͠ΒΑ͔ͬͨʁ

  39. ݯ૾ܭࢉʹΑΔ߈ܸͷରࡦ1 • ݩσʔλ͕όϨͳ͍Α͏ʹ͢Δɻ • ͦͷͨΊʹɺݩσʔλʹιϧτΛ௥Ճ͢Δɻ • ιϧτ͸ԿͰ΋ྑ͍ɻ20จࣈҎ্͙Β͍ͷਪଌ͠ʹ͍͘จࣈ ྻɻ • ʮ࿈൪ͱ͔ΛΘ͔Γʹ͘͘͢Δʯ༷ͳ༻్Ͱ͸ɺιϧτΛ෇

    ͚ͳ͍ܗͰϋογϡؔ਺Λ࢖͏͜ͱ͸ແ͍ͱࢥͬͯྑ͍ɻ

  40. ݯ૾ܭࢉʹΑΔ߈ܸͷରࡦ1 • ݩσʔλ͕όϨͳ͍Α͏ʹ͢Δɻ • ͦͷͨΊʹɺݩσʔλʹιϧτΛ௥Ճ͢Δɻ • ιϧτ͸ԿͰ΋ྑ͍ɻ20จࣈҎ্͙Β͍ͷਪଌ͠ʹ͍͘จࣈ ྻɻ • ʮ࿈൪ͱ͔ΛΘ͔Γʹ͘͘͢Δʯ༷ͳ༻్Ͱ͸ɺιϧτΛ෇

    ͚ͳ͍ܗͰϋογϡؔ਺Λ࢖͏͜ͱ͸ແ͍ͱࢥͬͯྑ͍ɻ $salt = "aemi4ahcoh7weeN2euth"; $url = sprintf("/user/%s", md5($salt.$user_id));

  41. ϋογϡؔ਺ͷ༻్3 ʮύεϫʔυΛͦͷ··DBʹอଘ͢Δͷ͸ةݥɻʯ • Ϣʔβ͕ೖྗͨ͠ύεϫʔυ͕Ϣʔβ͕ઃఆͨ͠΋ͷͱಉ͔͕͡ ෼͔Ε͹ྑ͍ɻ • ϋογϡؔ਺ΛܾΊ͓͖ͯɺDBʹ͸ύεϫʔυͷϋογϡ஋Λอ ଘ͢Δɻ • ࣍ճϩάΠϯ࣌ʹϢʔβ͕ೖྗͨ͠จࣈྻ͔Βϋογϡ஋Λܭࢉ

    ͠ɺDBʹอଘ͞Εͨ΋ͷͱൺֱ͢Δɻ • ϋογϡ஋͕߹͑͹Ϣʔβ͕ೖྗͨ͠จࣈྻ͸ͦͷϢʔβ͕ઃఆͨ͠ ύεϫʔυͱ౳͍͠ɻ • DB͕ྲྀग़ͯ͠΋ύεϫʔυ͸όϨͳ͍ɻ

  42. ݯ૾ܭࢉʹΑΔ߈ܸ ύεϫʔυΛϋογϡԽͯ͠DBʹอଘͨ͠Αɻ ͜ΕͰσʔλ͕࿙Ӯͯ͠΋େৎ෉ʂ

  43. ݯ૾ܭࢉʹΑΔ߈ܸ ύεϫʔυΛϋογϡԽͯ͠DBʹอଘͨ͠Αɻ ͜ΕͰσʔλ͕࿙Ӯͯ͠΋େৎ෉ʂ ͜ͷจࣈྻͷฒͼɺmd5ͩͳɻΑ͋͘Δύεϫʔυͷ දΛ࢖ͬͯ…ɻ ݩσʔλ md5 abcde ab56b4d92b40713acc5af89985d4b786 qwerty

    d8578edf8458ce06fbc5bb76a58c5ca4 password 5f4dcc3b5aa765d61d8327deb882cf99 : :

  44. ݯ૾ܭࢉʹΑΔ߈ܸ ύεϫʔυΛϋογϡԽͯ͠DBʹอଘͨ͠Αɻ ͜ΕͰσʔλ͕࿙Ӯͯ͠΋େৎ෉ʂ ͋ͬͱ͍͏ؒʹύεϫʔυ͕͹Εͨʂ ͜ͷจࣈྻͷฒͼɺmd5ͩͳɻΑ͋͘Δύεϫʔυͷ දΛ࢖ͬͯ…ɻ ݩσʔλ md5 abcde ab56b4d92b40713acc5af89985d4b786

    qwerty d8578edf8458ce06fbc5bb76a58c5ca4 password 5f4dcc3b5aa765d61d8327deb882cf99 : :

  45. ݯ૾ܭࢉʹΑΔ߈ܸ ύεϫʔυΛϋογϡԽͯ͠DBʹอଘͨ͠Αɻ ͜ΕͰσʔλ͕࿙Ӯͯ͠΋େৎ෉ʂ ͋ͬͱ͍͏ؒʹύεϫʔυ͕͹Εͨʂ Ͳ͏ͨ͠ΒΑ͔ͬͨʁ ͜ͷจࣈྻͷฒͼɺmd5ͩͳɻΑ͋͘Δύεϫʔυͷ දΛ࢖ͬͯ…ɻ ݩσʔλ md5 abcde

    ab56b4d92b40713acc5af89985d4b786 qwerty d8578edf8458ce06fbc5bb76a58c5ca4 password 5f4dcc3b5aa765d61d8327deb882cf99 : :

  46. ݯ૾ܭࢉʹΑΔ߈ܸͷରࡦ2 • Ϣʔβ͕ͲΜͳύεϫʔυΛ෇͚ͯ΋ςʔϒϧʹͦ Ε͕ݱΕͳ͍༷ʹ͢Δɻ • ͦͷͨΊʹɺݩσʔλʹιϧτΛ௥Ճ͢Δɻ • લͷέʔεͱಉ͡ɻ • ϋογϡͱฉ͍ͨΒιϧτ͸ʁͱࢥ͏͙Β͍Ͱྑ͍ɻ

    • ͪͳΈʹ͜ͷςʔϒϧɺ͘͢͝σΧ͍ɻ • 4จࣈͰ640MBɺ5จࣈͰ50GBɺ8จࣈͰ12PBɻ • ϨΠϯϘʔςʔϒϧͱ͍͏ํ๏͕͋Δɻ IUUQXXXTMJEFTIBSFOFUIJNBSVTBMU ࢀߟ

  47. ϋογϡ஋ͷিಥ

  48. ϋογϡ஋ͷিಥ • ϋογϡ஋ͷিಥ:
 ผͷσʔλΛϋογϡؔ਺ʹೖΕ͍ͯΔͷʹɺಉ͡ϋογϡ஋ ͕ग़͖ͯͯ͠·͏͜ͱɻ • ͲΜͳϋογϡؔ਺ΛબΜͰ΋ϋογϡ஋͸ඞͣিಥ͢Δɻ ݩσʔλ 32bit ϋογϡ

    2bit data 1 data 2 data 3 data 4 hash 1 hash 2 hash 3 hash 4 data 5

  49. ϋογϡ஋ͷিಥ • ϋογϡ஋ͷিಥ:
 ผͷσʔλΛϋογϡؔ਺ʹೖΕ͍ͯΔͷʹɺಉ͡ϋογϡ஋ ͕ग़͖ͯͯ͠·͏͜ͱɻ • ͲΜͳϋογϡؔ਺ΛબΜͰ΋ϋογϡ஋͸ඞͣিಥ͢Δɻ ݩσʔλ 32bit ϋογϡ

    2bit data 1 data 2 data 3 data 4 hash 1 hash 2 hash 3 hash 4 data 5

  50. ϋογϡ஋ͷিಥ • ϋογϡ஋ͷিಥ:
 ผͷσʔλΛϋογϡؔ਺ʹೖΕ͍ͯΔͷʹɺಉ͡ϋογϡ஋ ͕ग़͖ͯͯ͠·͏͜ͱɻ • ͲΜͳϋογϡؔ਺ΛબΜͰ΋ϋογϡ஋͸ඞͣিಥ͢Δɻ ݩσʔλ 32bit ϋογϡ

    2bit data 1 data 2 data 3 data 4 hash 1 hash 2 hash 3 hash 4 data 5

  51. ϋογϡ஋ͷিಥ • ϋογϡ஋ͷিಥ:
 ผͷσʔλΛϋογϡؔ਺ʹೖΕ͍ͯΔͷʹɺಉ͡ϋογϡ஋ ͕ग़͖ͯͯ͠·͏͜ͱɻ • ͲΜͳϋογϡؔ਺ΛબΜͰ΋ϋογϡ஋͸ඞͣিಥ͢Δɻ ݩσʔλ 32bit ϋογϡ

    2bit data 1 data 2 data 3 data 4 hash 1 hash 2 hash 3 hash 4 data 5

  52. ϋογϡ஋ͷিಥ • ϋογϡ஋ͷিಥ:
 ผͷσʔλΛϋογϡؔ਺ʹೖΕ͍ͯΔͷʹɺಉ͡ϋογϡ஋ ͕ग़͖ͯͯ͠·͏͜ͱɻ • ͲΜͳϋογϡؔ਺ΛબΜͰ΋ϋογϡ஋͸ඞͣিಥ͢Δɻ ݩσʔλ 32bit ϋογϡ

    2bit data 1 data 2 data 3 data 4 hash 1 hash 2 hash 3 hash 4 data 5

  53. ϋογϡ஋ͷিಥ • ϋογϡ஋ͷিಥ:
 ผͷσʔλΛϋογϡؔ਺ʹೖΕ͍ͯΔͷʹɺಉ͡ϋογϡ஋ ͕ग़͖ͯͯ͠·͏͜ͱɻ • ͲΜͳϋογϡؔ਺ΛબΜͰ΋ϋογϡ஋͸ඞͣিಥ͢Δɻ ݩσʔλ 32bit ϋογϡ

    2bit data 1 data 2 data 3 data 4 hash 1 hash 2 hash 3 hash 4 data 5

  54. ϋογϡ஋͕িಥ͢Δલఏͷઃܭ • ϋογϡ஋͸ඞͣিಥ͢Δ • ϋογϡΛ࢖͏৔߹ʹ͸িಥͨ͠ΒࠔΔ͔ࠔΒͳ͍͔Λඞͣ ߟ͑Δɻ • URLͷྫͳͲɺϢχʔΫͰͳ͍ͱࠔΔ΋ͷ͸ɺඞͣিಥͯ͠ ͍ͳ͍͔ͷνΣοΫΛ͢Δɻ •

    ύεϫʔυͷྫ͸িಥͯ͠΋͔·Θͳ͍ɻ • ʮͦͷϋογϡΛDBʹอଘ͢Δ࣌ʹɺͦͷΧϥϜ͕ϢχʔΫ Ͱ͋Δඞཁ͕͋Δ͔ʯ

  55. ଥ౰ͳιϧτͱ͸ • ιϧτͱͯ͠ଥ౰ͳจࣈྻ͸Կ͔ • ௕͕͞ҰఆҎ্͋Δ͜ͱ͚ͩͲ… • ௕͍ιϧτ͸ϋογϡؔ਺ʹೖྗ͢Δσʔλͷ৘ใྔΛ૿΍͢ɻ • ৘ใྔ͕૿͑ΔͱিಥΛى͜͠΍͘͢ͳΔ͔΋͠Εͳ͍ɻ •

    Ұൠతʹ࢖༻͞ΕΔϋογϡؔ਺͸͜ͷ༷ͳʮ͍ۙσʔλʢι ϧτ͕ಉ͡Ͱݩσʔλ෦෼͚͕ͩҧ͏σʔλʣʯ͕িಥ͠ʹ͘ ͍༷ʹઃܭ͞Ε͍ͯΔɻ • 20จࣈఔ౓ɺͱ͔ɺ26จࣈఔ౓ɺͱ͔͍Ζ͍ΖݴΘΕ͍ͯΔɻ

  56. ·ͱΊ

  57. ·ͱΊ • ϋογϡͱ҉߸͸ҧ͏Αɻ • ϋογϡ΍҉߸Λ࢖͏࣌͸ɺͳͥͦΕΛ࢖͏͔ɺ ͳͥͦͷ൑அΛ͢΂͖͔Λߟ͑Α͏ɻ • ϋογϡΛ࢖͏৔߹͸… • ඞͣɺιϧτΛ෇͚Α͏ɻ

    • ඞͣɺিಥͯ͠΋ྑ͍͔Λߟ͑Α͏ɻ

  58. ʮύεϫʔυͷϋογϡԽʯͱ͔
 ೉͍͠ͱ͜Ζ͸͍͍ͨͯ
 ಄͍͍ਓ͕ߟ͑ͯ࢓૊ΈΛ ࡞ͬͯ͘Ε͍ͯΔ

  59. ڊਓͷݞʹ৐Ζ͏

  60. ͨͩ͠

  61. த਎Λཧղͤͣʹ ͳΜͱͳ͘࢖͏ͷ͸࠷ѱ

  62. ҙຯ͕ແ͍͚ͩͳΒྑ͍͕ɺ ͔ͤͬ͘ߟ͑ΒΕͨ࢓૊ΈΛ ࡴ͢͜ͱʹ΋ͳΓಘΔ

  63. None
  64. None
  65. None

  66. ࣗ෼͸ԿΛ͍ͨ͠ͷ͔ Drupal͸ԿΛ༩͑ͯ͘Ε͍ͯΔͷ͔ ͪΌΜͱཧղͯ͠ɺਖ਼͘͠࢖͓͏

  67. ͦͯ͠…

  68. ͜ͷखͷ ʮಛఆͷ੡඼ʹґଘ͠ͳ͍஌ࣝʯ͸ ΤϯδχΞͷ݂ͱͳΓ೑ͱͳΓɺ ΤϯδχΞͱͯ͠ੜ͖͍ͯͨ͘Ίͷ ྗʹͳΔ

  69. ʮྗ͕…ཉ͍͔͠…ʯ

  70. ͜͏͍͏஌ࣝΛͲ͏΍ͬͯಘΔ͔ • ϋογϡʹݶΒͣɺιϑτ΢ΣΞ։ൃʹ͸ଟ͘ͷप ล஌͕ࣝඞཁɻ • ৘ใܥͷେֶ΍ઐ໳ֶߍͰ͸ڭΘΔʢ͸ͣʣɻ • ମܥతʹ޿ֶ͘ͿͷͰ͋Ε͹ࢿ֨ࢼݧ͕ศརɻ • IPAʢ৘ใॲཧਪਐػߏʣͷ


    ʮ৘ใॲཧٕज़ऀࢼݧʯ͕͓͢͢Ίɻ http://www.jitec.ipa.go.jp