Just wondering if knowing the original string length means that you can better unlash a SHA1 encryption.
Just wondering if knowing the original string length means that you can better unlash
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Just wondering if knowing the original string length means that you can better unlash a SHA1 encryption.
No, not in the general case: a hash function is not an encryption function and it is not designed to be reversible.
It is usually impossible to recover the original hash for certain. This is because the domain size of a hash function is larger than the range of the function. For SHA-1 the domain is unbounded but the range is 160bits.
That means that, by the Pigeonhole principle, multiple values in the domain map to the same value in the range. When such two values map to the same hash, it is called a hash collision.
However, for a specific limited set of inputs (where the domain of the inputs is much smaller than the range of the hash function), then if a hash collision is found, such as through an brute force search, it may be “acceptable” to assume that the input causing the hash was the original value. The above process is effectively a preimage attack. Note that this approach very quickly becomes infeasible, as demonstrated at the bottom. (There are likely some nice math formulas that can define “acceptable” in terms of chance of collision for a given domain size, but I am not this savvy.)
The only way to know that this was the only input that mapped to the hash, however, would be to perform an exhaustive search over all the values in the range — such as all strings with the given length — and ensure that it was the only such input that resulted in the given hash value.
Do note, however, that in no case is the hash process “reversed”. Even without the Pigeon hole principle in effect, SHA-1 and other cryptographic hash functions are especially designed to be infeasible to reverse — that is, they are “one way” hash functions. There are some advanced techniques which can be used to reduce the range of various hashes; these are best left to Ph.D’s or people who specialize in cryptography analysis 🙂
Happy coding.
For fun, try creating a brute-force preimage attack on a string of 3 characters. Assuming only English letters (A-Z, a-z) and numbers (0-9) are allowed, there are “only” 623 (238,328) combinations in this case. Then try on a string of 4 characters (624 = 14,776,336 combinations) … 5 characters (625 = 916,132,832 combinations) … 6 characters (626 = 56,800,235,584 combinations) …
Note how much larger the domain is for each additional character: this approach quickly becomes impractical (or “infeasible”) and the hash function wins 🙂
One way password crackers speed up preimage attacks is to use rainbow tables (which may only cover a small set of all values in the domain they are designed to attack), which is why passwords that use hashing (SHA-1 or otherwise) should always have a large random salt as well.