Solved

Decryption of a file,whose encrypted algorithm is not known

Posted on 2006-07-02
10
626 Views
Last Modified: 2010-04-11
i am working with Authentication log files.i installed certificate authentication server.when i view its log files.they are encrypted with SHA1 algorithm,but i dont know about this algorothm,nor do i have its decryption key.
is there any way to view those log files.
urgently required
0
Comment
Question by:tulipnoor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
10 Comments
 
LVL 32

Accepted Solution

by:
jhance earned 500 total points
ID: 17030025
SHA1 is not an encryption algorithm but rather a HASH algorithm.  SHA1 hashed data is not decrypted since this is a ONE-WAY hashing function.  Its purpose is to "sign" or validate a block of data so that you can know it's not been altered rather than to provide security against outsiders from viewing the data.

Hashes are used with log files to permit the administrator to determine whether or not the log files have been altered.  An attacker will  not be able to generate the same hash from the altered data so the attack will be detected.

The way you use the hash is to use the (publicly available) SHA1 algorithm to re-hash the log file data and validate that the hash you calculate matches the original hash.
0
 
LVL 32

Expert Comment

by:jhance
ID: 17030027
0
 
LVL 18

Expert Comment

by:decoleur
ID: 17030350
we need more information about your configuration.

on first glance, without knowing the application or the OS... No you will not be able to read those logs, although there are issues with the security of SHA you cannot easily reverse engineer a hash file of a log file to determine its content.
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 
LVL 32

Expert Comment

by:jhance
ID: 17030923
???
0
 
LVL 32

Expert Comment

by:jhance
ID: 17031326
decoleur,

SHA-1 is a HASH, not an encryption scheme.  It's a ONE WAY HASH, that means that even knowing the key doesn't get you back to the plaintext.  SHA-1, as well as other HASHES are NOT suitable for data encryption.  They are used for signing and other sorts of verification schemes.

In this question, the log files themselves are NOT encrypted with SHA-1.  They may be hashed with SHA-1 and they may (or may not) be encrypted using some other scheme.
0
 
LVL 18

Expert Comment

by:decoleur
ID: 17032950
yes j you are right, SHA is a hash and it is not encryption... did I ever say that it was?

SHA is however also called a cryptographic hash function that is computationally infeasable to reverse engineer. for more info: http://unixwiz.net/techtips/iguide-crypto-hashes.html

I still think we need more information about the configuration to assist.

cheers-

-t
0
 
LVL 32

Expert Comment

by:jhance
ID: 17235553
It's my opinion that this question is fully answered.
0
 
LVL 18

Expert Comment

by:decoleur
ID: 17240933
the question was answered, sha is a cryptographic one way hash, the poster wanted a way to reverse the process.

the answer was that it could not be done. we both said it in different ways.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ready for our next Course of the Month? Here's what's on tap for June.
Email attacks are the most common methods for initiating ransomware and phishing scams. Attackers want you to open an infected attachment or click a malicious link, and unwittingly download malware to your machine. Here are 7 ways you can stay safe.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question