hash0

Author(s):



hash0 Source code: https://github.com/dannysu/hash0
Firefox Add-on source code: https://github.com/dannysu/hash0-firefox

I store my encrypted metadata on Google App Engine. You can deploy this project (https://github.com/dannysu/gae_storage) to your own account to use. I've set up a test one here if you want to use it to try things out: http://hash0-test.appspot.com/anything_you_want

The "anything_you_want" should be replaced with something unique to you.

How hash0 works:
Hash0 uses SJCL's PBKDF2 implementation with 100,000 iterations to derive password from a master password. On top of using PBKDF2, Hash0 uses an unique salt per site. Hash0 attempts to use the closest possible thing in a browser to a CSPRNG by utilizing SJCL's code. In modern browsers, this basically means obtaining data from window.crypto.getRandomValues().

Hash0 also borrows some functions from PasswordMaker.org when converting generated result to the desired charset.

Finally, the salt and different site configurations are encrypted using SJCL's encrypt() function and stored at a place of user's choosing. Storing these settings remotely in encrypted form allows Hash0 to be used across different devices.

Download files:

hash0-2.0.1-signed.xpi
hash0-2.1.1-signed.xpi
hash0-2.1.2.xpi
hash0-2.1.3.2.xpi


This page is part of the LegacyCollector website.
Disclaimer: All material on this site is property of their respective owners and available under
open licenses to the best of our knowledge. If you are an author and would like anything removed,
then please write an e-mail to legacy [at] collector dot org.