Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Decrypt md5

Posted on 2004-08-02
3
16,891 Views
Last Modified: 2013-12-12
Hello,

I am currently using the following MD5 function to store credit card numbers into a database:
---------------------------------------------------------------------------------
 function get_rnd_iv($iv_len)
 {
    $iv = '';
    while ($iv_len-- > 0) {
        $iv .= chr(mt_rand() & 0xff);
    }
    return $iv;
 }

 function md5_encrypt($plain_text, $password, $iv_len = 16)
 {
    $plain_text .= "\x13";
    $n = strlen($plain_text);
    if ($n % 16) $plain_text .= str_repeat("\0", 16 - ($n % 16));
    $i = 0;
    $enc_text = get_rnd_iv($iv_len);
    $iv = substr($password ^ $enc_text, 0, 512);
    while ($i < $n) {
        $block = substr($plain_text, $i, 16) ^ pack('H*', md5($iv));
        $enc_text .= $block;
        $iv = substr($block . $iv, 0, 512) ^ $password;
        $i += 16;
    }
    return base64_encode($enc_text);
 }

 function md5_decrypt($enc_text, $password, $iv_len = 16)
 {
    $enc_text = base64_decode($enc_text);
    $n = strlen($enc_text);
    $i = $iv_len;
    $plain_text = '';
    $iv = substr($password ^ substr($enc_text, 0, $iv_len), 0, 512);
    while ($i < $n) {
        $block = substr($enc_text, $i, 16);
        $plain_text .= $block ^ pack('H*', md5($iv));
        $iv = substr($block . $iv, 0, 512) ^ $password;
        $i += 16;
    }
    return preg_replace('/\\x13\\x00*$/', '', $plain_text);
}
---------------------------------------------------------------------------------
Then I do this:
$cc_number = $_POST['sltCreditCard'];
$cc_number = md5($cc_number);
---------------------------------------------------------------------------------
and then in my SQL string I insert the $cc_number.
---------------------------------------------------------------------------------

Now, I want to run an internal monthly report.  How can I write a SQL statement that will decrypt the Credit Card number and show the actual number.

Is this possible?

Thanks.
0
Comment
Question by:rudyflyer
  • 2
3 Comments
 
LVL 27

Accepted Solution

by:
Diablo84 earned 125 total points
ID: 11693881
hi rudyflyer,

The short answer is no.

an md5 hashed string cannot be decrypted im afraid.

you can only compare encrypted strings to the hash but an md5 string cannot be decrypted.

you may wish to use an alternative method of encryption that can be decrypted such as base 64

encode: http://www.php.net/manual/en/function.base64-encode.php
decode: http://www.php.net/manual/en/function.base64-decode.php

0
 
LVL 27

Expert Comment

by:Diablo84
ID: 11693914
Most encyption methods with php, with the exception of base64, is a one way process

Once encrypted it is not intended to be decrypted that way the data is very secure
0
 

Expert Comment

by:markbancks
ID: 22356687
Just for reference on MD5 and SHA are now NOT considered secure because of the possibility of 2 samples having the same hash and also reverse lookup tables and the freely available software to generate them.
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Logic behind "best rated" calculation 11 31
Link failure 16 34
PHP: Best way to scan folders and process files 10 40
issue with DB import 1 18
This article will explain how to display the first page of your Microsoft Word documents (e.g. .doc, .docx, etc...) as images in a web page programatically. I have scoured the web on a way to do this unsuccessfully. The goal is to produce something …
Generating table dynamically is the most common issue faced by php developers.... So it seems there is a need of an article that explains the basic concept of generating tables dynamically. It just requires a basic knowledge of html and little maths…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question