Mac Address Hashing Algorithm

rinat
Conversationalist

Mac Address Hashing Algorithm

On the Scanning API docs you describe the Meraki mac address hashing algorithm. Do you have its open source example/realisation in any programming language that Scanning API customers could use or extend?

2 Replies 2
HodyCrouch
Building a reputation

 

Meraki describes the hash algorithm in pseudocode:

 

 

hash(mac bytes, org secret) =
SHA1(mac bytes ++ org secret).takeRight(4)
where:
++ indicates concatenation;
takeRight(4) returns the least significant 4 bytes of the SHA1; and
org secret is a per-customer salt.
Example:
client MAC is 11:22:33:44:55:66
org secret is t3lrdd
least significant 4 bytes of SHA1(112233445566t3Irdd) = 0x0e456406

 

I'm not sure why you would want to implement this yourself, but here's an example in Node.js

 

var crypto = require('crypto');

merakiHash('11:22:33:44:55:66', 't3Irdd');

function merakiHash(mac, secret) {
  var sha1 = crypto.createHash('sha1');
  var macBytes = mac.replace(/:/g, '');
  sha1.update(Buffer.from(macBytes, 'hex'));
  sha1.update(secret);
  var hashResult = sha1.digest('hex').slice(-8);
 
  console.log('least significant 4 bytes of SHA1(' + macBytes + secret  + ') = 0x' + hashResult);
  return hashResult;
}

 

For any Meraki people following along, would you mind updating the docs?  The comment in your pseudocode uses a different org secret than the example, which made this a little more painful than it should have been.  "t3lrdd" is not the same as "t3Irdd".

 

 

aryan-jain
New here

How can I know my own org-secret if I wanted to match data from my Meraki devices to other access points configured in the same building?

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels