3 Replies Latest reply on Oct 16, 2019 4:49 AM by DheerajK_81

    Do you know how to decipher the hash created by sha-256?

    ke1_4519501

      I have used the Cy_Crypto_Sha_Run () function to calculate the hash, but I have not found a way to reverse it or decrypt it, any ideas?

        • 1. Re: Do you know how to decipher the hash created by sha-256?
          DheerajK_81

          Please note that SHA is a one-way cryptographic hash function and not a cipher. It produces a fixed length string (Hm) for the given input message (m). So, given Hm, it is not possible to get back m.

           

          A typical use case is a password mechanism where based on the user password a fixed length hash gets created and gets stored in memory. Only when the right password is entered, you get the right hash which can be compared with the hash in memory to grant access.

           

          Due to pre-image resistance, second pre-image resistance and collision resistance characteristics of SHA, it is mostly impossible to have another password which produces the same hash value.

           

          If you need access to the original data I suggest you use an algorithm like AES. In the API Cy_Crypto_Aes_Ecb_Run(), it takes the first parameter as cy_en_crypto_dir_mode_t which can be used to specify if you want to encrypt or decrypt. Please refer to the PDL documentation for more information.

           

          Hope this helps!

           

          Regards,
          Dheeraj

          • 2. Re: Do you know how to decipher the hash created by sha-256?
            ke1_4519501

            Hi, what happens is that I want to create a digital signature with sha-256, so there must be a way to know the message after deciphering the signature, do you know if this can be done in psoc?

            • 3. Re: Do you know how to decipher the hash created by sha-256?
              DheerajK_81

              As mentioned previously SHA is not an encryption scheme. It is a keyed hashing algorithm which can be used to compare digital signatures when the input message is the same.

               

              Message m1 ----> SHA ----> Digital Signature/HashValue (H1)

              Message m2 ----> SHA ----> Digital Signature/HashValue (H2)

               

              If and only if m1 = m2, then H1 = H2.

               

              To encrypt the message and then decrypt it to get original message back, you need to use an encryption scheme like AES.

               

              Regards,

              Dheeraj