[openssl-users] Is SHA hashing algorithm reversable?

Viktor Dukhovni openssl-users at dukhovni.org
Mon Apr 4 20:40:15 UTC 2016


On Mon, Apr 04, 2016 at 06:26:29AM -0700, Sugumar wrote:

> I going to use SHA256 algorithm for storing my passwords in secure manner.
> But after reading some documentations related to SHA i come to know it is
> not reversable. 
> Yes hashing means its not reversable only.
> But i saw some online websites giving the original data by reversing the
> hash data.
> is it possible means what is the security of hashing?
> I am totally confused pls clarify my doubt.

Unsalted hashes (regardless of the algorithm) are vulnerable to
rainbow table assisted dictionary attacks.  This is a space/time
tradeoff that makes lookup a bit slower but reduces the storage
cost to manageable levels.

So there is no explicit inversion, just reasonably efficient guess
and compare dictionary attacks.

-- 
	Viktor.


More information about the openssl-users mailing list