A few years ago I wrote about Manual Blum’s proposed method for mentally computing a secure hash function. He proposed using this method as a password manager, using the hash of a web site’s name as the password for the site.
I first wrote about Blum’s method on the Heidelberg Laureate Forum blog, then wrote some footnotes to the post here. In this post I’d like to recap the method all in one place, then say more about how you might do the memorization the method requires.
If you’re not familiar with the major memory system, you might find the memorization part interesting whether or not you’re interested in the hash function.
Algorithm
Blum’s algorithm requires creating and memorizing two things: a random map from letters to digits, and a random permutation of digits.
Let f be a function that maps the set {A, B, C, …, Z} to the set {0, 1, 2, …, 9} created by a random number generator, and let g be a random permutation of {0, 1, 2, …, 9}.
Start with the text you want to hash. Then use f to convert the text to a sequence of digits, replacing each character c with f(c). Label this sequence of digits
a0 a1 a2 … an.
To create the first digit of your hash value, add the first and last digits of your sequence of digits, take the last digit of the sum, and apply the permutation g to it. In symbols, the first digit of the output, b0, is given by
b0 = g( (a0 + an) % 10 )
where a % 10 is the remainder when a is divided by 10.
For the rest of the digits, add the previous output to the current input, take the last digit, and apply the permutation. That is, for k > 0,
bk = g( (bk-1 + ak) % 10 ).
The security of this hash function depends on the length of the text being hashed. A few years ago Blum said 12 characters should be enough [0]. Season to taste.
Practical tips
This method outputs only digits, so you might want to append a fixed sequence like “sG*” on the end so that you have a lower case letter, and upper
