How to uniquely identify the data of a third-party user?

I

ince2019-04-02 16:01:58

Algorithms

ince, 2019-04-02 16:01:58

There is such a task. There is an upgradable client for third-party users that generates JSON and sends it to us by e-mail (I know it's a perversion, but this is the task). This JSON contains the version of the client with which it was generated. The JSON file itself can be easily faked by users by manually changing the composition and specifying a different version.
The question is, is it possible to uniquely identify (for example, by some hash) which version of the client is used using encryption (or understand that the hash is incorrect and not associated with any version)?
Tell me, in which direction to dig?

spoiler

Прошу прощения за сумбурное изложение

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

Z

zhaar, 2019-04-02
@zhaar

Instead of explicitly storing the software version, use any hash algorithm with a salt (i.e. additional text that is encrypted along with the version, for example: "release_date + software version + grandma's birthday" - total: "20190401|2.0.0.1(75 )|19400201"). Specify this hash in the file, decode it on your side and get the final version.
If the user tries to pick it up, then he will need to know what salt is added to the hash, or use rainbow tables - this is both time and hemorrhoids.
Therefore, for a simple solution, my option is fine. Google for md5, sha1, sha256, etc.