Reputation: 1326
Oracle Hash MD5 decryption
I use this method to encrypt my string:
RETURN RAWTOHEX(DBMS_CRYPTO.HASH(SRC=>to_hash, TYP=>dbms_crypto.HASH_MD5));
Now I have the encrypted MD5 string like:
F267E16E70C2528280A487D5D13617A6
Is there a way to decrypt this code to get the start-string again?
Upvotes: 0
Views: 20053
Answers (3)
Reputation: 6459
Hashing algorithms are one way functions. As such there is no feasible way to reverse the calculations involved and arrive at the original input value. Further hashing algorithms operate on input strings of arbitrary length but have a fixed width output, in the case of the MD5 algorithm it outputs a 16 byte hash value that could represent an input value of 16 bytes or 16,000 bytes or more.
So while you can't reverse the algorithm to retrieve the original input, you can compute the hash values of potential candidate inputs to (hopefully) find one that matches your existing hash value. Some knowledge of the original input string would be helpful in reducing the problem space of this sort of brute force attack.
Upvotes: 0
Reputation: 21135
The hash function is not isomorphic, i.e. it is not possible in general case to invert the function and get the unique original value. This is is something very different to beeing "safely decoded". If there is additional knowledge e.g. about the lenght of the string, it is very easy (with some CPU power) to get all candidate strings (i.e. the strings that map to the target hash value.
So this is probably not the optimal way to decode password etc.
Simple example for strings with length three:
select (DBMS_CRYPTO.HASH( RAWTOHEX('Scr'), 2 /* dbms_crypto.HASH_MD5*/ )) from DUAL;
93656D76795528C600E7BF7A17B09C8E
with chr as (
select chr(ascii('A') -1 + rownum) chr from dual connect by level <= 26
union all
select chr(ascii('a') -1 + rownum) chr from dual connect by level <= 26
union all
select chr(ascii('0') -1 + rownum) chr from dual connect by level <= 10
),
chr2 as (
select a.chr||b.chr||c.chr str
from chr a, chr b, chr c
)
select * from chr2
where DBMS_CRYPTO.HASH( RAWTOHEX(str), 2 /* dbms_crypto.HASH_MD5*/ )
= '93656D76795528C600E7BF7A17B09C8E'
;
Scr
Upvotes: 1
Reputation: 436
MD5 is a hashing algorithm, not really intended for encryption or decryption. So, no, there is no way to get the start-string again. Actually, given a hash, there would be many potential start-strings it could come from.
Upvotes: 2
Related Questions
- Is there any function or package to generate md5crypt string in Oracle?
- MD5 of entire row in oracle
- cast VARCHAR2 to LONG,RAW,CLOB and find HASH md5
- Column Value is Hashed or not
- MD5 Hashing in SQL Server
- How to call Oracle MD5 hash function?
- Oracle Database encoding impact on MD5 encryption
- converting varchar to md5
- How to HASH VARCHAR2 to Alphanumeric with DBMS_OBFUSCATION_TOOLKIT.MD5
- MD5 in Oracle (DBMS_OBFUSCATION_TOOLKIT.MD5)