Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Categories

Welcome to the new platform of Programmer's Heaven! We apologize for the inconvenience caused, if you visited us from a broken link of the previous version. The main reason to move to a new platform is to provide more effective and collaborative experience to you all. Please feel free to experience the new platform and use its exciting features. Contact us for any issue that you need to get clarified. We are more than happy to help you.

SHA-1 decryption?

PharazonPharazon Posts: 3Member
No I am not asking how to crack SHA-1.

I just want to know how to take the info digested by a sha.new()instance, and decrypt it back to the original info that i've fed it?

Comments

  • infidelinfidel Posts: 2,900Member
    : No I am not asking how to crack SHA-1.
    :
    : I just want to know how to take the info digested by a sha.new()instance, and decrypt it back to the original info that i've fed it?

    Unless I'm mistaken this is not possible. As I understand it, the entire point of the various hashing algorithms is to prevent exactly this. This is so you can compare the hashes of two values and if the hashes are the same you can be nearly certain the original values were identical.

    An SHA1 hash is how many bits? 128? 256? I don't for sure, but if you think about it, you can hash any value of any size to something that's maybe a few dozen bytes long. How could you possibly hope to reconstruct the original from it? It's not like a compression algorithm or encryption mode.


    [size=5][italic][blue][RED]i[/RED]nfidel[/blue][/italic][/size]

    [code]
    $ select * from users where clue > 0
    no rows returned
    [/code]

  • MastikMastik Posts: 19Member
    : No I am not asking how to crack SHA-1.
    :
    : I just want to know how to take the info digested by a sha.new()instance, and decrypt it back to the original info that i've fed it?
    :

    SHA is by its very nature one way encryption. You cannot
    decrypt it.

    How ever there are encryptions such as GPG which has a command line
    interface that will allow you to encrypt and decrypt.

    Also if you do come accross a way to decrypt SHA please share with the rest of us. Not to say I want people to crack things and chare the cracks just if you come accross a a legit manner of decypting it.
  • MastikMastik Posts: 19Member
    : : No I am not asking how to crack SHA-1.
    : :
    : : I just want to know how to take the info digested by a sha.new()instance, and decrypt it back to the original info that i've fed it?
    :
    : Unless I'm mistaken this is not possible. As I understand it, the entire point of the various hashing algorithms is to prevent exactly this. This is so you can compare the hashes of two values and if the hashes are the same you can be nearly certain the original values were identical.
    :
    : An SHA1 hash is how many bits? 128? 256? I don't for sure, but if you think about it, you can hash any value of any size to something that's maybe a few dozen bytes long. How could you possibly hope to reconstruct the original from it? It's not like a compression algorithm or encryption mode.
    :
    :
    : [size=5][italic][blue][RED]i[/RED]nfidel[/blue][/italic][/size]
    :
    : [code]
    : $ select * from users where clue > 0
    : no rows returned
    : [/code]
    :
    :
    I think SHA1 is 256 bytes.
  • infidelinfidel Posts: 2,900Member
    : Also if you do come accross a way to decrypt SHA please share with the rest of us. Not to say I want people to crack things and chare the cracks just if you come accross a a legit manner of decypting it.

    It's not encryption, it's a hashing alrgorithm. You can't decrypt it, all you can do is try to find a string that hashes to the same value, and if you do it's pretty likely that you've found the original string. Although they've started finding collisions lately so pretty soon we'll need even longer hashes.


    [size=5][italic][blue][RED]i[/RED]nfidel[/blue][/italic][/size]

    [code]
    $ select * from users where clue > 0
    no rows returned
    [/code]

  • JonathanJonathan Posts: 2,914Member
    : It's not encryption, it's a hashing alrgorithm. You can't decrypt it,
    : all you can do is try to find a string that hashes to the same value,
    : and if you do it's pretty likely that you've found the original
    : string.
    Well, maybe likely. :-) But yeah, it's not for encryption.

    : Although they've started finding collisions lately so pretty soon
    : we'll need even longer hashes.
    :
    Yes, though it's not length alone that affects the ability to find two messages that hash to the same value. Ideally it would be, but the new SHA-1 issues arise because there are ways of finding collisions quicker than doing brute force (which has length as its only variable - though you need to divide number of bits by 2 to get real power of 2 of the number of tests to do in order to account for the birthday paradox).

    If you're developing a new system then you may want to look elsewhere than SHA-1 (and MD5) for hashing algorithms. Both have, in the last couple of years, been shown to have weaknesses. MD5 especially. The weaknesses have msot effect in message signing use than for hashing passwords and so on though. For more on SHA-1 weaknesses, see:
    http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
    http://www.schneier.com/blog/archives/2005/02/cryptanalysis_o.html

    SHA-256 is likely to be used in the future (256 bit value, and generated differently to some degree so hasn't got the weakness SHA-1 has). FYI, SHA-1 is a 160 bit hash. Another possible algorithm is Tiger, which I believe was developed at Cambridge Uni partly by Ross Anderson.

    Jonathan

    ###
    for(74,117,115,116){$::a.=chr};(($_.='qwertyui')&&
    (tr/yuiqwert/her anot/))for($::b);for($::c){$_.=$^X;
    /(p.{2}l)/;$_=$1}$::b=~/(..)$/;print("$::a$::b $::c hack$1.");

  • infidelinfidel Posts: 2,900Member
    : Jonathan

    Howdy, stranger.


    [size=5][italic][blue][RED]i[/RED]nfidel[/blue][/italic][/size]

    [code]
    $ select * from users where clue > 0
    no rows returned
    [/code]

  • JonathanJonathan Posts: 2,914Member
    : : Jonathan
    :
    : Howdy, stranger.
    :
    :
    Yeah, I know. I got bitten by RSI and haven't been able to spend as much time hanging about on PH and doing a lot of other fun programming stuff of late. :-( I have been working out in Spain the last couple of weeks and have been using a nice, comfortable split keyboard. Amazingly, my symptoms have virtually disappeared. So no prizes for guessing what I will be ordering when I get back to the UK...

    Jonathan

    ###
    for(74,117,115,116){$::a.=chr};(($_.='qwertyui')&&
    (tr/yuiqwert/her anot/))for($::b);for($::c){$_.=$^X;
    /(p.{2}l)/;$_=$1}$::b=~/(..)$/;print("$::a$::b $::c hack$1.");

Sign In or Register to comment.