indrora/quantum.php

## quantum.php
<?php

function quantumhash($content)
{
    /*
     * This is the Quantum Hash function. Why is it called the Quantum hash function?
     * because it can't be turned back without knowing what the original was, or being
     * very very good at hashing lots of things at once.
     *
     * How it works is we have an array of hashing algos that PHP accepts -- this is $hashers.
     * The input content is then taken and the ASCII (ordinal) value of each character is squared and added
     * to a value starting at 0. Since passwords are (generally) unique or otherwise "interesting", this
     * makes it so passphrases have a high level of entropy, as does smaller (8char random) passwords.
     *
     * This is used as the seed into a simple RNG. Not the greatest one, but given that passwords have
     * enough entropy (theoretically) to start, this should have little chance of revolving.
     *
     * Our input value is hashed once using a random (given above) hashing algo from the list.
     *
     * For 9600 rounds, this is repeated, our now hashed (lower-case hexidecimal) value used as the
     * input value for another (different) algo. Our RNG now repeats using the iteration, previous seed,
     * ASCII (ordinal) values of the hexidecimal representation of the resulting hash.
     *
     * By default, uses SHA256, Snefru, GOST, RIPEMD256, and the 3,4, and 5 pass versions of HAVAL256.
     * Secure implementations would change the order, number and possibly add and remove hashes.
     *
     * Looking at a hash, you cannot tell what *flavor* of hash it is without knowing the (in our case) previous
     * hash to check what is going on.
     *
     * As a result, we can be fairy certain that there is an infintecimally low chance that someone will be able to collide
     * all the hashes in a given set, especially repeatedly. If one hash becomes insecure (e.g. MD5) we can still
     * operate with that hash until all other hash functions become collision-prone.
     *
     * In order for an attacker to reverse the input
     *
     * Example: HAVAL, snefru and gost are considered "collidable" -- we have a fair amount of knowledge that it is possible
     * to collide both those hashes for two given values.
     *
     * All this considered, the rule still applies that "All things equal, anything can be broken": this is not
     * invulnerable against a dictionary/brute-force attack.
     *
     * We could make the entire thing summed into another hash algo, but once that algo gets broken, we're hozed!
     */
	$fn = $content;

	/* all 256 bit hashes supported by PHP5.1.0 and above.
	 * you can easily replace these with your own.
	 */
	$hashers = array ( 'sha256','ripemd256','snefru','snefru256','gost','haval256,3','haval256,4','haval256,5' );
	$seed = 0;
	foreach(str_split($content) as $x)
	{
		$seed += ord($x)*ord($x);
	}
	for($i=0;$i<9600;$i++)
	{
		$algo = $hashers[ ($seed) % (sizeof($hashers)) ];

		$content = hash($algo, $content);

		$seed = abs($seed + ord($content)*ord(substr($content, 1, 1)) + $i);
	}

	return $content;
}
?>
	<?php

	function quantumhash($content)
	{
	/*
	* This is the Quantum Hash function. Why is it called the Quantum hash function?
	* because it can't be turned back without knowing what the original was, or being
	* very very good at hashing lots of things at once.
	*
	* How it works is we have an array of hashing algos that PHP accepts -- this is $hashers.
	* The input content is then taken and the ASCII (ordinal) value of each character is squared and added
	* to a value starting at 0. Since passwords are (generally) unique or otherwise "interesting", this
	* makes it so passphrases have a high level of entropy, as does smaller (8char random) passwords.
	*
	* This is used as the seed into a simple RNG. Not the greatest one, but given that passwords have
	* enough entropy (theoretically) to start, this should have little chance of revolving.
	*
	* Our input value is hashed once using a random (given above) hashing algo from the list.
	*
	* For 9600 rounds, this is repeated, our now hashed (lower-case hexidecimal) value used as the
	* input value for another (different) algo. Our RNG now repeats using the iteration, previous seed,
	* ASCII (ordinal) values of the hexidecimal representation of the resulting hash.
	*
	* By default, uses SHA256, Snefru, GOST, RIPEMD256, and the 3,4, and 5 pass versions of HAVAL256.
	* Secure implementations would change the order, number and possibly add and remove hashes.
	*
	* Looking at a hash, you cannot tell what flavor of hash it is without knowing the (in our case) previous
	* hash to check what is going on.
	*
	* As a result, we can be fairy certain that there is an infintecimally low chance that someone will be able to collide
	* all the hashes in a given set, especially repeatedly. If one hash becomes insecure (e.g. MD5) we can still
	* operate with that hash until all other hash functions become collision-prone.
	*
	* In order for an attacker to reverse the input
	*
	* Example: HAVAL, snefru and gost are considered "collidable" -- we have a fair amount of knowledge that it is possible
	* to collide both those hashes for two given values.
	*
	* All this considered, the rule still applies that "All things equal, anything can be broken": this is not
	* invulnerable against a dictionary/brute-force attack.
	*
	* We could make the entire thing summed into another hash algo, but once that algo gets broken, we're hozed!
	*/
	$fn = $content;

	/* all 256 bit hashes supported by PHP5.1.0 and above.
	* you can easily replace these with your own.
	*/
	$hashers = array ( 'sha256','ripemd256','snefru','snefru256','gost','haval256,3','haval256,4','haval256,5' );
	$seed = 0;
	foreach(str_split($content) as $x)
	{
	$seed += ord($x)*ord($x);
	}
	for($i=0;$i<9600;$i++)
	{
	$algo = $hashers[ ($seed) % (sizeof($hashers)) ];

	$content = hash($algo, $content);

	$seed = abs($seed + ord($content)*ord(substr($content, 1, 1)) + $i);
	}

	return $content;
	}
	?>