a strong function for hash strings and restore it

2020-05-03 13:00发布

问题:

I'm looking for a strong hash function (algorithm) to hash my codes. i want to restore hashed string to original string. (can i restore sha to original?)

can you help me?

回答1:

You can't restore the original data from a hash as it is not reversible by design. An usual explanation is the Pigeonhole Principle - most hashes are about 128-256 bits, so 16-32 bytes in size. As soon as your string is longer (and even before this) than this, there will be two strings that have the same hash. This is called a collision.

Also note that strings shorter than 16-32 bytes can often be reversed, although you shouldn't rely on this as there can be collisions, too. For example, hash some string like test and search for the hash on Google.

Nevertheless, even test and some other short word could have the same hash, so you'll never be 100% sure you've got the right string.



回答2:

Hash algorithms are one way so you can't restore the original text from the hash



回答3:

You have your terminology wrong, I think. A "hash" is a one-way encryption algorithm; by definition, you cannot "de-hash" a hashed string (if you can "de-hash" the string using anything more efficient than a birthday attack, then the hash algorithm is vulnerable and should not be used). The purpose of hashes is to provide a unique substitute value, usually with a fixed length, that can be compared for exact equality without exposing the plaintext used to generate the hash.

If you want strong information-hiding while retaining the ability within your program to get the original value back out, then you just want encryption. I would recommend something like AES or Rijndael, which are symmetric encryption algorithms. You use the same key to decrypt as to encrypt, so you can hide the key somewhere in your code or database and decrypt things you've previously encrypted. What you usually lose is the fixed-length property of most hashes; in the case of things like passwords, the length of the plaintext string, and thus the ciphertext, is usually self-limiting anyway.

If decryption of data is not something you normally need to do, but you often need to encrypt things (for instance you are using the algorithm to "hash" passwords for DB storage, but you need to retain the ability to decrypt them if a user forgets one), you can use an an asymmetric algorithm like RSA. One key, the public key, is used to encrypt strings, then another key, the private key, decrypts them. You can put the public key out in your assemblies, and even if it's decompiled, an attacker cannot use the key in the assembly to read passwords. Your private key, which should be stored very securely in a private place in your own system and is never pushed out with any code objects, is the only thing that can decrypt the strings that are encrypted with the public key.