CODEWITHSUNDEEP
phpalgorithmsecurity
lychee
lychee

Reputation: 1861

where hash() function is used and why

The function in php string hash ( string $algo , string $data [, bool $raw_output = false ] ) where algo=Name of selected hashing algorithm (i.e. "md5", "sha256", "haval160,4", etc..), data=Message to be hashed., raw_output=When set to TRUE, outputs raw binary data. FALSE outputs lowercase hexits. so if I have this example

<?php
echo hash('ripemd128', 'The quick brown fox jumped over the lazy dog.');
?>

The above example output (which looks completely random): 51d43720fd516108ef5ed20e9031bb865ede861e

So I'm wondering where such functions is used and why? also Is there a way or a function to revert the output to the original string back again?

Upvotes: 0

Views: 189

Answers (3)

boblgum
boblgum

Reputation: 36

this functions are used to compute a kind of "fingerprint" for some data. in your example this will be your string. same algorithm will produce the same hash for the same input data. if you change input data the computed hash will be different.

a popular usage is storing passwords. so you don't store passwords in clear text but hashed values.

for the second part of your question: hash algorithms are "one-way" only (should be ;)). so you can not restore the input data from hashed value.

Upvotes: 0

Cedric
Cedric

Reputation: 1256

It is use for digital signatures like hashing the concatenated string with the secret key against the other to check if both hash string is correct, its like a key in order for you to gain access to do something.

There's no way to decrypt it because that is how it's made, it is a 1-way hash method.

if you want a method that encrypts and decrypts the string use mcrypt_encrypt and mcrypt_decrypt

Upvotes: 0

David Schwartz
David Schwartz

Reputation: 182893

So I'm wondering where such functions is used and why?

They're used in digital signature algorithms, digital fingerprinting algorithms, content-addressable storage, constructing tamper-resistant data structures that can be traversed rapidly and securely, and for fast lookups that also resist complexity attacks.

also Is there a way or a function to revert the output to the original string back again?

No. In many cases, having this ability would defeat the point of the hash. Also, it is trivial to prove that this is, as stated, impossible, using a counting argument.

Upvotes: 0

Related Questions