Silvu
|
  |
| Joined: 05 Mar 2011 |
| Total Posts: 19434 |
|
|
| 07 Jul 2012 03:49 PM |
ok
I have a question for those of you who know about this kind of stuff.
The SHA-256 algorithm is supposedly one way, but there has to be some way to decrypt the hashes, right?
I'm not asking for a way to decrypt it, I'm just wondering if it's possible, because I don't think it's possible for it to the one way, but I don't know much about this kind of stuff. |
|
|
| Report Abuse |
|
|
|
| 07 Jul 2012 03:50 PM |
No, you can't decrypt a SHA256 hash.
However, you (theoretically) can find an identical input that creates the same hash. This input might be the same as one used in the original hash.
Note: this has never been successfully done before and is technologically infeasible.
tl;dr AVI.nope |
|
|
| Report Abuse |
|
|
|
| 07 Jul 2012 03:52 PM |
| your best bet is rainbow tables |
|
|
| Report Abuse |
|
|
lombardo2
|
  |
| Joined: 30 Nov 2008 |
| Total Posts: 1604 |
|
|
| 07 Jul 2012 03:58 PM |
| There aren't successful (well at least practical) attacks on SHA-1 talking about SHA-256... |
|
|
| Report Abuse |
|
|
|
| 07 Jul 2012 06:36 PM |
| Even decrypting SHA1 would take thousands or millions of years, don't even get me started on SHA256. |
|
|
| Report Abuse |
|
|
GigsD4X
|
  |
| Joined: 06 Jun 2008 |
| Total Posts: 3794 |
|
|
| 07 Jul 2012 08:10 PM |
| What people do in these cases is hash a bunch of random strings that are most likely to be what is hashed so that they could get what creates that hash and therefore have the "decrypted" content. And then there are those websites that have computers always generating random hashes so that they could have them all. |
|
|
| Report Abuse |
|
|
Silvu
|
  |
| Joined: 05 Mar 2011 |
| Total Posts: 19434 |
|
|
| 07 Jul 2012 08:39 PM |
@Necro
Let's say you had credit card numbers encrypted in SHA-256 (no I don't have any mods), could you create a program that generates random hashes that would meet what you're looking for (the number of digits in a CC and only numbers) and then have it check the numbers against the Luhn algorithm? |
|
|
| Report Abuse |
|
|
|
| 07 Jul 2012 08:42 PM |
It's impossible to decrypt hashes.
You can brute force them, but you just can't decrypt them. |
|
|
| Report Abuse |
|
|
Silvu
|
  |
| Joined: 05 Mar 2011 |
| Total Posts: 19434 |
|
|
| 07 Jul 2012 09:02 PM |
@Julien
what makes it impossible? |
|
|
| Report Abuse |
|
|
|
| 07 Jul 2012 09:14 PM |
"what makes it impossible?"
it's 1-way. |
|
|
| Report Abuse |
|
|
Silvu
|
  |
| Joined: 05 Mar 2011 |
| Total Posts: 19434 |
|
|
| 07 Jul 2012 09:16 PM |
@Dr
there has to be some way to decrypt it
|
|
|
| Report Abuse |
|
|
|
| 07 Jul 2012 09:17 PM |
@Silvu No, there doesn't. The data is gone. It's not encryption, it's hashing. |
|
|
| Report Abuse |
|
|
Anaminus
|
  |
 |
| Joined: 29 Nov 2006 |
| Total Posts: 5945 |
|
|
| 07 Jul 2012 09:18 PM |
@Silvu, Take any number and add its digits together. Then take the resulting number and do it again. Repeat until you have a one-digit number. This one-digit number is a hash of the number you started with.
Now ask whether it's possible to get the original number from this one-digit number. |
|
|
| Report Abuse |
|
|
|
| 07 Jul 2012 10:13 PM |
| The reason hashing can't be reversed is simply because data is lost. Many different inputs can give the same hash. |
|
|
| Report Abuse |
|
|
Combrad
|
  |
| Joined: 18 Jul 2009 |
| Total Posts: 11025 |
|
|
| 08 Jul 2012 03:40 AM |
749854 7+4+9+8+5+4=27 2+7 = 9
9 to 749854 Try to figure it out :) |
|
|
| Report Abuse |
|
|
Avolition
|
  |
| Joined: 20 Apr 2011 |
| Total Posts: 708 |
|
|
| 08 Jul 2012 04:27 AM |
I don't think it's impossible to crack a hashing algorithm, just very very very hard. As Anaminus said, it wouldn't be IMPOSSIBLE to get a list of numbers that would fit the hash, just very very very hard.
There's an onion site where you can buy "credits" and exchange them with other hackers in return for them to try and bruteforce your hash. They usually use their botnet's slave's GPUs to do this. That's what I've always used when I've needed to crack a hash, and it's a quite neat system.
|
|
|
| Report Abuse |
|
|
Silvu
|
  |
| Joined: 05 Mar 2011 |
| Total Posts: 19434 |
|
| |
|
|
| 08 Jul 2012 06:52 AM |
| Pfft, huge chain of thousand core servers with 1TB ram on each. They will get the job done. x3 |
|
|
| Report Abuse |
|
|
RA2lover
|
  |
| Joined: 09 Nov 2008 |
| Total Posts: 1254 |
|
|
| 08 Jul 2012 07:48 AM |
| no. just hit the guy with a $5 wrench until he tells the pass, instead of building a million-dollar cluster to crack it. |
|
|
| Report Abuse |
|
|
Avolition
|
  |
| Joined: 20 Apr 2011 |
| Total Posts: 708 |
|
|
| 08 Jul 2012 07:59 AM |
| If I used my personal computer as well as my Bitcoin rigs to bruteforce a SHA-256 hash, I could easily do millions per second. It wouldn't cost anywhere near a million dollars. |
|
|
| Report Abuse |
|
|
|
| 08 Jul 2012 12:25 PM |
@Avo
I'm talking about billions per second. :/ |
|
|
| Report Abuse |
|
|
Roundel
|
  |
| Joined: 20 Mar 2010 |
| Total Posts: 469 |
|
|
| 08 Jul 2012 12:26 PM |
decrypting any hash is the same as decrypting any other hash
you just have to get a dictionary of known words correlating with known hashes
avolition is right cause all you'd need to do is try a bunch of combinations of letters and numbers and you'd be able to get most pwrds within a day |
|
|
| Report Abuse |
|
|
Merely
|
  |
| Joined: 07 Dec 2010 |
| Total Posts: 17266 |
|
|
| 08 Jul 2012 12:34 PM |
with current computing power it would take millions of years
in a few years pretty much all methods that rely on time/memory as the safeguard will be easy to crack |
|
|
| Report Abuse |
|
|
pwnedu46
|
  |
| Joined: 23 May 2009 |
| Total Posts: 7534 |
|
|
| 08 Jul 2012 01:36 PM |
"Pfft, huge chain of thousand core servers with 1TB ram on each. They will get the job done. x3"
Google compute engine? It gives you access to 771,886 cores. |
|
|
| Report Abuse |
|
|