Possibility of decrypting pbkdf2_sha256 by bruteforce - encryption

Is it theoretically possible to brute pbkdf2_sha256 type of hash if I make a dictionary which contains all possible passwords?
I mean, it's possible to kinda brute sha256 hash, but I haven't even heard of pbkdf2_sha256 thing.

Related

Decoding MD5 Hash into unicode [duplicate]

This question already has answers here:
Is it possible to decrypt MD5 hashes?
(24 answers)
Closed 5 years ago.
ร encodes into 0f93821e0fbc6d3736da7df2c73024aa
I was wondering if it's possible to decode the hash back into the unicode form. If so, how can I approach this or how can I perform this.
Any help is appreciated, thanks.
m5d is a hashing algorithm, that is by nature monodirectional.
You just can't "decode" it.
The only option you have is bruteforcing.
The whole point of a hash is to present a fixed-length output for arbitrary input with the property that the same input results in the same output. Cryptographic hash functions like MD5, or SHA-1 are even designed so they cannot be reversed easily. Thus, no, you cannot do that.
Also, just as a thought exercise that shows that in the general case it just cannot work: MD5 is 128 bits long, so how could you possibly recover input that's larger than that? There are an infinite number of strings turning into the same digest, so while you could find a string that has the same hash, you're not guaranteed to find the one you started with.
Whites11 has mentioned brute-forcing, however take into account this is not 'Decoding' the hash. This is simply hashing common inputs and comparing the 2 hashes to see if they match, unless you have a set of common inputs that may actually match the hash its very unlikely you will get anywhere with it.
Hashes are intentionally mono-directional, I can't think of why you would need to either you may need to rethink the logic of whatever project you're doing.
To summarize, you can't decode a hash, this is intentional and that's why hashing algorithms exist. And brute-forcing is hashing common inputs to see if they match your hash. It's commonly used for password cracking etc. Done with common password data sets. So may not be useful in your case.
http://www.md5online.org is a good example of bruteforcing, it is a database of previously bruteforce/tested hashes and their unicode inputs. You can try hashing a basic word like "password" and throwing it in there, it should show the original unicode input if it's a known hash!
Here are 2 excellent informative videos that cover hashing algorithms and brute-forcing hashes:
https://www.youtube.com/watch?v=b4b8ktEV4Bg
https://www.youtube.com/watch?v=7U-RbOKanYs

Cracking a sha256 hash and i know how it will be like

I have a sha256 hash and i know that it consists on numbers and small characters and the length is 64 so is there any way to crack it?
SHA256 is a one-way hash, rather than an encryption. As such, you can't decrypt it. You can, however, bruteforce it.
MD5Decrypt has already covered more than 3 billion possible SHA256 strings, so there's a good chance you can find it here. Otherwise, you'll just need to try every possible combination there is, using what you already know.
Hope this helps! :)

When deriving a encryption/decryption key from a passphrase, what encoding is the most commonly used?

When I'm deriving an encryption key from a passphrase, it is quite common to use a hash algorithm to derive the key from the passphrase. Examples are SHA-256 (single or multiple rounds) and SCrypt.
But, when entering the passphrase in the hash function, is it usually encoded using UTF-8 or UTF-16?
I know it's impossible to be "compliant" with all other existing encryption mechanisms, but I'd like to know what way is in fact the most common.
Given that the entropy is the same, the choice between UTF8 and UTF16 really doesn't matter.

Encryption using SHA1

I am developing a large application and i need encryption when a data is traveling between two machines in different continents. I have never worked on encryption. I want a simple encryption which can be handled in PHP / Ruby / Python without any dependencies.
So i decided to use HMAC SHA1.
$pad=hash_hmac("sha1","The quick brown....","mykey");
This is what i found out after some research on the internet.
How hard it is to decrypt it if someone doesn't know the key? Also, any alternatives to this?
UPDATE - thanks for all the responses. Problem solved.
It's impossible to decrypt it, even if you know the key. HMAC SHA1 is a keyed hash algorithm, not encryption.
A hash is a cryptographic one-way function that always generates a value of the same length (I think SHA1 is 128-bits) regardless of the length of the input. The point of a hash is that, given the output value, it's computationally infeasible to find an input value to produce that output. A keyed hash is used to prevent rainbow table attacks. Even if you know the key you can't reverse the hash process.
For encryption you want to look at AES.
SHA1 is a one-way-hash function, by definition it is not decryptable by anyone. The question becomes if you have a plaintext T that hashes to H. How hard is it to find another T which also hashes to H.
According to Wikipedia, for SHA1, the best known brute force attack would take 2^51 evlautions to find a plain text that matches.
If you need actual encryption where you can reverse the process, you should take a look at AES256.
See:
http://en.wikipedia.org/wiki/Cryptographic_hash_function
For a general discussion on this.
Like Andrew said SHA1 is an hash algorithm and cannot be used for encryption (since you cannot get back the original value). The digest it produce can be used to validate the integrity of the data.
An HMAC is a construct above an hash algorithm that accept a key. However it's not for meant for encryption (again it can't be decrypted) but it allows you to sign the data, i.e. with the same key you'll be able to ensure the data was not tampered with during it's transfer.
Foe encryption you should look at using AES or, if applicable to your application, HTTPS (which will deal with more issues than you want to know about ;-)
SHA-1 , MD-5 are all one way Hashing algorithms.
They just generate a lengthy string. Each and every string when subjected to these functions will yield you a lengthy string which cannot be retained back.
They are far from encryptions.
If you are looking for encryption algorithms , go for AES (Advanced Encryption Standard) , DES (Data Encryption Standard) Algorithms.
As I say, this is a hash, so not an encryption/decryption problem. If you want to implement a straightforward encryption algorithm, I would recommend looking into XOR encryption. If the key is long enough (longer than the message) and your key sharing policy is suitably secure, this is a one time pad; otherwise, it can potentially be broken using statistical analysis.

Using RSA for hash

I am pondering creating a hash function (like md5 or sha1) using the RSA crypto algorithm. I am wondering if there are any obvious reasons that this algorithm wouldn't work:
Generate RSA public/private keys.
Discard private key, never store it at all.
Begin with a hash with a length of the block size for the RSA encryption.
Encrypt message using public key, one block at a time.
For each encrypted block of the message, accumulate it to the hash using a specified algorithm (probably a combination of +, xor, etc.)
To verify a message has the same hash as a stored hash, use the saved public key and repeat the process.
Is this possible, secure, and practical?
Thanks for any comments.
RSA encryption is not deterministic: if you follow the RSA standard, you will see that some random bytes are injected. Therefore, if you encrypt with RSA the same message twice, chances are that you will not get twice the same output.
Also, your "unspecified step 5" is likely to be weak. For instance, if you define a way to hash a block, and then just XOR the blocks together, then A||B and B||A (for block-sized values A and B) will hash to the same value; that's collision bonanza.
Academically, building hash functions out of number-theoretic structures (i.e. not a raw RSA, but reusing the same kind of mathematical element) has been tried; see this presentation from Lars Knudsen for some details. Similarly, the ECOH hash function was submitted for the SHA-3 competition, using elliptic curves at its core (but it was "broken"). The underlying hope is that hash function security could somehow be linked to the underlying number-theoretic hard problem, thus providing provable security. However, in practice, such hash functions are either slow, weak, or both.
There are already hashes that do essentially this, except perhaps not with the RSA algorithm in particular. They're called cryptographic hashes, and their salient point is that they're cryptographically secure - meaning that the same strength and security-oriented thought that goes into public key cryptographic functions has gone into them as well.
The only difference is, they've been designed from the ground-up as hashes, so they also meet the individual requirements of hash functions, which can be considered as additional strong points that cryptographic functions need not have.
Moreover, there are factors which are completely at odds between the two, for instance, you want hash functions to be as fast as possible without compromising security whereas being slow is oftentimes seen as a feature of cryptographic functions as it limits brute force attacks considerably.
SHA-512 is a great cryptographic hash and probably worthy of your attention. Whirlpool, Tiger, and RipeMD are also excellent choices. You can't go wrong with any of these.
One more thing: if you actually want it to be slow, then you definitely DON'T want a hash function and are going about this completely wrong. If, as I'm assuming, what you want is a very, very secure hash function, then like I said, there are numerous options out there better suited than your example, while being just as or even more cryptographically secure.
BTW, I'm not absolutely convinced that there is no weakness with your mixing algorithm. While the output of each RSA block is intended to already be uniform with high avalanching, etc, etc, etc, I remain concerned that this could pose a problem for chosen plaintext or comparative analysis of similar messages.
Typically, it is best to use an algorithm that is publicly available and has gone through a review process. Even though there might be known weaknesses with such algorithms, that is probably better than the unknown weaknesses in a home-grown algorithm. Note that I'm not saying the proposed algorithm has flaws; it's just that even if a large number of answers are given here saying that it seems good, it doesn't guarantee that it doesn't. Of course, the same thing can be said about algorithms such as MD5, SHA, etc. But at least with those, a large number of people have put them through a rigorous analysis.
Aside from the previous "boilerplate" warnings against designing one's own cryptographic functions, it seems the proposed solution might be somewhat expensive in terms of processing time. RSA encryption on a large document could be prohibitive.
Without thinking too much about it, it seems like that would be cryptographically secure.
However, you'd have to be careful of chosen plaintext attacks, and if your input is large you may run into speed issues (as asymmetric crypto is significantly slower than cryptographic hashes).
So, in short: yes, this seems like it could be possible and secure… But unless there is a really compelling reason, I would use a standard HMAC if you want a keyed hash.
As mentioned above step 4.) is to be done deterministic, i.e. with modulus and public key exponent, only.
If the hash in step 3.) is private, the concept appears secure to me.
Concerning Step 5.): In known CBC mode of kernel algorithms the mix with previous result is done before encryption, Step 4.), might be better for avoiding collusions, e.g. with a lazy hash; XOR is fine.
Will apply this, as available implementations of known hash functions might have backdoors :)
Deterministic Java RSA is here.
EDIT
Also one should mention, that RSA is scalable without any limits. Such hash function can immediately serve as Mask Generation Function.

Resources