Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Decryption of a file,whose encrypted algorithm is not known

Posted on 2006-07-02
10
624 Views
Last Modified: 2010-04-11
i am working with Authentication log files.i installed certificate authentication server.when i view its log files.they are encrypted with SHA1 algorithm,but i dont know about this algorothm,nor do i have its decryption key.
is there any way to view those log files.
urgently required
0
Comment
Question by:tulipnoor
  • 5
  • 3
10 Comments
 
LVL 32

Accepted Solution

by:
jhance earned 500 total points
ID: 17030025
SHA1 is not an encryption algorithm but rather a HASH algorithm.  SHA1 hashed data is not decrypted since this is a ONE-WAY hashing function.  Its purpose is to "sign" or validate a block of data so that you can know it's not been altered rather than to provide security against outsiders from viewing the data.

Hashes are used with log files to permit the administrator to determine whether or not the log files have been altered.  An attacker will  not be able to generate the same hash from the altered data so the attack will be detected.

The way you use the hash is to use the (publicly available) SHA1 algorithm to re-hash the log file data and validate that the hash you calculate matches the original hash.
0
 
LVL 32

Expert Comment

by:jhance
ID: 17030027
0
 
LVL 18

Expert Comment

by:decoleur
ID: 17030350
we need more information about your configuration.

on first glance, without knowing the application or the OS... No you will not be able to read those logs, although there are issues with the security of SHA you cannot easily reverse engineer a hash file of a log file to determine its content.
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 
LVL 32

Expert Comment

by:jhance
ID: 17030923
???
0
 
LVL 32

Expert Comment

by:jhance
ID: 17031326
decoleur,

SHA-1 is a HASH, not an encryption scheme.  It's a ONE WAY HASH, that means that even knowing the key doesn't get you back to the plaintext.  SHA-1, as well as other HASHES are NOT suitable for data encryption.  They are used for signing and other sorts of verification schemes.

In this question, the log files themselves are NOT encrypted with SHA-1.  They may be hashed with SHA-1 and they may (or may not) be encrypted using some other scheme.
0
 
LVL 18

Expert Comment

by:decoleur
ID: 17032950
yes j you are right, SHA is a hash and it is not encryption... did I ever say that it was?

SHA is however also called a cryptographic hash function that is computationally infeasable to reverse engineer. for more info: http://unixwiz.net/techtips/iguide-crypto-hashes.html

I still think we need more information about the configuration to assist.

cheers-

-t
0
 
LVL 32

Expert Comment

by:jhance
ID: 17235553
It's my opinion that this question is fully answered.
0
 
LVL 18

Expert Comment

by:decoleur
ID: 17240933
the question was answered, sha is a cryptographic one way hash, the poster wanted a way to reverse the process.

the answer was that it could not be done. we both said it in different ways.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
fb messenger security and privacy 15 95
Scan Mac for security breach? 5 42
rajdeep0081@hotmail.com 3 71
windows event log error 1000 DSM what does this mean? 5 36
One of the biggest threats in the cyber realm pertains to advanced persistent threats (APTs). This paper is a compare and contrast of Russian and Chinese APT's.
If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question