[openssl-users] Is SHA hashing algorithm reversable?
Viktor Dukhovni
openssl-users at dukhovni.org
Mon Apr 4 20:40:15 UTC 2016
On Mon, Apr 04, 2016 at 06:26:29AM -0700, Sugumar wrote:
> I going to use SHA256 algorithm for storing my passwords in secure manner.
> But after reading some documentations related to SHA i come to know it is
> not reversable.
> Yes hashing means its not reversable only.
> But i saw some online websites giving the original data by reversing the
> hash data.
> is it possible means what is the security of hashing?
> I am totally confused pls clarify my doubt.
Unsalted hashes (regardless of the algorithm) are vulnerable to
rainbow table assisted dictionary attacks. This is a space/time
tradeoff that makes lookup a bit slower but reduces the storage
cost to manageable levels.
So there is no explicit inversion, just reasonably efficient guess
and compare dictionary attacks.
--
Viktor.
More information about the openssl-users
mailing list