?
Solved

Decryption of a file,whose encrypted algorithm is not known

Posted on 2006-07-02
10
Medium Priority
?
627 Views
Last Modified: 2010-04-11
i am working with Authentication log files.i installed certificate authentication server.when i view its log files.they are encrypted with SHA1 algorithm,but i dont know about this algorothm,nor do i have its decryption key.
is there any way to view those log files.
urgently required
0
Comment
Question by:tulipnoor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
10 Comments
 
LVL 32

Accepted Solution

by:
jhance earned 2000 total points
ID: 17030025
SHA1 is not an encryption algorithm but rather a HASH algorithm.  SHA1 hashed data is not decrypted since this is a ONE-WAY hashing function.  Its purpose is to "sign" or validate a block of data so that you can know it's not been altered rather than to provide security against outsiders from viewing the data.

Hashes are used with log files to permit the administrator to determine whether or not the log files have been altered.  An attacker will  not be able to generate the same hash from the altered data so the attack will be detected.

The way you use the hash is to use the (publicly available) SHA1 algorithm to re-hash the log file data and validate that the hash you calculate matches the original hash.
0
 
LVL 32

Expert Comment

by:jhance
ID: 17030027
0
 
LVL 18

Expert Comment

by:decoleur
ID: 17030350
we need more information about your configuration.

on first glance, without knowing the application or the OS... No you will not be able to read those logs, although there are issues with the security of SHA you cannot easily reverse engineer a hash file of a log file to determine its content.
0
Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

 
LVL 32

Expert Comment

by:jhance
ID: 17030923
???
0
 
LVL 32

Expert Comment

by:jhance
ID: 17031326
decoleur,

SHA-1 is a HASH, not an encryption scheme.  It's a ONE WAY HASH, that means that even knowing the key doesn't get you back to the plaintext.  SHA-1, as well as other HASHES are NOT suitable for data encryption.  They are used for signing and other sorts of verification schemes.

In this question, the log files themselves are NOT encrypted with SHA-1.  They may be hashed with SHA-1 and they may (or may not) be encrypted using some other scheme.
0
 
LVL 18

Expert Comment

by:decoleur
ID: 17032950
yes j you are right, SHA is a hash and it is not encryption... did I ever say that it was?

SHA is however also called a cryptographic hash function that is computationally infeasable to reverse engineer. for more info: http://unixwiz.net/techtips/iguide-crypto-hashes.html

I still think we need more information about the configuration to assist.

cheers-

-t
0
 
LVL 32

Expert Comment

by:jhance
ID: 17235553
It's my opinion that this question is fully answered.
0
 
LVL 18

Expert Comment

by:decoleur
ID: 17240933
the question was answered, sha is a cryptographic one way hash, the poster wanted a way to reverse the process.

the answer was that it could not be done. we both said it in different ways.
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Justin
In light of the WannaCry ransomware attack that affected millions of Windows machines, you might wonder if your Mac needs protecting. Yes, it does and here is how to do it.
With the rising number of cyber attacks in recent years, keeping your personal data safe has become more important than ever. The tips outlined in this article will help you keep your identitfy safe.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question