Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Decryption of a file,whose encrypted algorithm is not known

Posted on 2006-07-02
10
Medium Priority
?
628 Views
Last Modified: 2010-04-11
i am working with Authentication log files.i installed certificate authentication server.when i view its log files.they are encrypted with SHA1 algorithm,but i dont know about this algorothm,nor do i have its decryption key.
is there any way to view those log files.
urgently required
0
Comment
Question by:tulipnoor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
10 Comments
 
LVL 32

Accepted Solution

by:
jhance earned 2000 total points
ID: 17030025
SHA1 is not an encryption algorithm but rather a HASH algorithm.  SHA1 hashed data is not decrypted since this is a ONE-WAY hashing function.  Its purpose is to "sign" or validate a block of data so that you can know it's not been altered rather than to provide security against outsiders from viewing the data.

Hashes are used with log files to permit the administrator to determine whether or not the log files have been altered.  An attacker will  not be able to generate the same hash from the altered data so the attack will be detected.

The way you use the hash is to use the (publicly available) SHA1 algorithm to re-hash the log file data and validate that the hash you calculate matches the original hash.
0
 
LVL 32

Expert Comment

by:jhance
ID: 17030027
0
 
LVL 18

Expert Comment

by:decoleur
ID: 17030350
we need more information about your configuration.

on first glance, without knowing the application or the OS... No you will not be able to read those logs, although there are issues with the security of SHA you cannot easily reverse engineer a hash file of a log file to determine its content.
0
Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

 
LVL 32

Expert Comment

by:jhance
ID: 17030923
???
0
 
LVL 32

Expert Comment

by:jhance
ID: 17031326
decoleur,

SHA-1 is a HASH, not an encryption scheme.  It's a ONE WAY HASH, that means that even knowing the key doesn't get you back to the plaintext.  SHA-1, as well as other HASHES are NOT suitable for data encryption.  They are used for signing and other sorts of verification schemes.

In this question, the log files themselves are NOT encrypted with SHA-1.  They may be hashed with SHA-1 and they may (or may not) be encrypted using some other scheme.
0
 
LVL 18

Expert Comment

by:decoleur
ID: 17032950
yes j you are right, SHA is a hash and it is not encryption... did I ever say that it was?

SHA is however also called a cryptographic hash function that is computationally infeasable to reverse engineer. for more info: http://unixwiz.net/techtips/iguide-crypto-hashes.html

I still think we need more information about the configuration to assist.

cheers-

-t
0
 
LVL 32

Expert Comment

by:jhance
ID: 17235553
It's my opinion that this question is fully answered.
0
 
LVL 18

Expert Comment

by:decoleur
ID: 17240933
the question was answered, sha is a cryptographic one way hash, the poster wanted a way to reverse the process.

the answer was that it could not be done. we both said it in different ways.
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How does someone stay on the right and legal side of the hacking world?
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question