Decrypt from SHA256

Asked 22/4, 2012 at 20:3 Answered 10/11, 2022 at 5:43

I have that code to encrypt string to sha256 and next to base64:

 public static string Sha256encrypt(string phrase)
    {
        UTF8Encoding encoder = new UTF8Encoding();
        SHA256Managed sha256hasher = new SHA256Managed();
        byte[] hashedDataBytes = sha256hasher.ComputeHash(encoder.GetBytes(phrase));
        return Convert.ToBase64String(hashedDataBytes);
    }

How can I decrypt my password in other side?

Sanctify answered 22/4, 2012 at 20:3 Comment(1)

Check out the following codinghorror.com/blog/2012/04/speed-hashing.html for information on hashing passwords. – Archipenko 22/4, 2012 at 20:8

You cannot decrypt the result of a One Way Hash. What you should do instead is compare a hash of the entered password versus the stored hash in the database.

Example:

var password = "1234";
var hashedPassword = Sha256encrypt(password);

var allowLogin = hashedPassword == storedPassword; //storedPassword from Database, etc.

This is only the very basics though, when using hashing algorithms you should consider using a Salt too.

Peccary answered 22/4, 2012 at 20:7 Comment(4)

More than a salt, you should be iterating your hash. Or better (much better), don't invent it yourself: use PBKDF2, scrypt, or bcrypt. – Willms 23/4, 2012 at 2:53

Sha256 can be decrypted, please check the website md5decrypt.net/en/Sha256/#answer – Esoterica 19/11, 2020 at 12:45

@Esoterica - that doesn't decrypt it, it just looks for a matching hash in a database. You cannot reverse SHA256 as it is destructive, you only ever get 256 bits no matter how much data you put in. War and Peace can be SHA256'd but you can not get War and Peace back from the Hashed Bits. – Peccary 19/11, 2020 at 18:56

"you only ever get 256 bits no matter how much data you put in" that makes me understand SHA256 thank you @Peccary – Esoterica 26/11, 2020 at 5:35

It is impossible per se. SHA is a hash function, which implies it is one-way and used just for validation and similar things. Since the result of SHA-256 is of fixed length (256 bits) that also means that most of the information is lost when computing it.

You can brute-force it though, meaning that you could try and compute hash of a large number of different inputs and see if the hash matches.

Sometime in the future a cryptographic weakness may be found for SHA thus making it breakable but practically it is not a reversible function.

See details about hash functions on Wikipedia.

Necktie answered 22/4, 2012 at 20:4 Comment(0)

In Ruby

digest = Digest::SHA256.new
decrypt_sha256 = digest.hexdigest(v)
if decrypt_sha256 == hash
  return v
end

end return nil

Eyebolt answered 10/11, 2022 at 5:43 Comment(1)

OP is asking about C# code, question is tagged with C# tag. Not ruby. – Haunch 17/4, 2023 at 22:40

Recommended topics

Hot tags