Solved

Decryption of a file,whose encrypted algorithm is not known

Posted on 2006-07-02
10
625 Views
Last Modified: 2010-04-11
i am working with Authentication log files.i installed certificate authentication server.when i view its log files.they are encrypted with SHA1 algorithm,but i dont know about this algorothm,nor do i have its decryption key.
is there any way to view those log files.
urgently required
0
Comment
Question by:tulipnoor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
10 Comments
 
LVL 32

Accepted Solution

by:
jhance earned 500 total points
ID: 17030025
SHA1 is not an encryption algorithm but rather a HASH algorithm.  SHA1 hashed data is not decrypted since this is a ONE-WAY hashing function.  Its purpose is to "sign" or validate a block of data so that you can know it's not been altered rather than to provide security against outsiders from viewing the data.

Hashes are used with log files to permit the administrator to determine whether or not the log files have been altered.  An attacker will  not be able to generate the same hash from the altered data so the attack will be detected.

The way you use the hash is to use the (publicly available) SHA1 algorithm to re-hash the log file data and validate that the hash you calculate matches the original hash.
0
 
LVL 32

Expert Comment

by:jhance
ID: 17030027
0
 
LVL 18

Expert Comment

by:decoleur
ID: 17030350
we need more information about your configuration.

on first glance, without knowing the application or the OS... No you will not be able to read those logs, although there are issues with the security of SHA you cannot easily reverse engineer a hash file of a log file to determine its content.
0
Surfing Is Meant To Be Done Outdoors

Featuring its rugged IP67 compliant exterior and delivering broad, fast, and reliable Wi-Fi coverage, the AP322 is the ideal solution for the outdoors. Manage this AP with either a Firebox as a gateway controller, or with the Wi-Fi Cloud for an expanded set of management features

 
LVL 32

Expert Comment

by:jhance
ID: 17030923
???
0
 
LVL 32

Expert Comment

by:jhance
ID: 17031326
decoleur,

SHA-1 is a HASH, not an encryption scheme.  It's a ONE WAY HASH, that means that even knowing the key doesn't get you back to the plaintext.  SHA-1, as well as other HASHES are NOT suitable for data encryption.  They are used for signing and other sorts of verification schemes.

In this question, the log files themselves are NOT encrypted with SHA-1.  They may be hashed with SHA-1 and they may (or may not) be encrypted using some other scheme.
0
 
LVL 18

Expert Comment

by:decoleur
ID: 17032950
yes j you are right, SHA is a hash and it is not encryption... did I ever say that it was?

SHA is however also called a cryptographic hash function that is computationally infeasable to reverse engineer. for more info: http://unixwiz.net/techtips/iguide-crypto-hashes.html

I still think we need more information about the configuration to assist.

cheers-

-t
0
 
LVL 32

Expert Comment

by:jhance
ID: 17235553
It's my opinion that this question is fully answered.
0
 
LVL 18

Expert Comment

by:decoleur
ID: 17240933
the question was answered, sha is a cryptographic one way hash, the poster wanted a way to reverse the process.

the answer was that it could not be done. we both said it in different ways.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OnPage: Incident management and secure messaging on your smartphone
Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question