I know this might be quite complicated, but I'm just looking for opinions about this idea. I'm planning to save a specific file in a database, then I was wondering if how could I make it more secure. So I think of converting it into bytes, perform a hashing algorithm, then save it in my database. But my problem with this is that, I'm not sure, and I have no idea if this is the right way to do it. And can I be able to retrieve those files to its original phase? Hope someone could help. Thanks!
Asked
Active
Viewed 417 times
0
-
3Not to state the obvious, but a *hash* is a one-way operation - you can't retrieve the original from its hash value. – GalacticCowboy Feb 05 '13 at 03:33
-
1I don't think you want to hash your file. I think you want to encrypt it. – juharr Feb 05 '13 at 03:35
-
You do know that hashing is one way operation... so answers likely would assume that you want to save both content and hash (to guarantee correctness of information)... Or you want encryption? – Alexei Levenkov Feb 05 '13 at 03:35
-
Just a side note: Depending on the requirement of a pair of private and public keys, you may want to search terms *Encoding* and *Encryption* as well. The first one do not require keys and by knowing the algorithm one can revert the encoded file back to the original one; while the latter requires keys, and one needs to know both the algorithm and the keys to retrieve the encrypted file. They both have proper classes in .NET framework. – Sina Iravanian Feb 05 '13 at 03:35
2 Answers
2
You can surely hash a file and save the hash value.
Have a look at HashAlgorithm.ComputeHash
http://msdn.microsoft.com/en-us/library/xa627k19.aspx
The MSDN example gets the point across but is flawed:
FileStream fileStream = fInfo.Open(FileMode.Open);
// Be sure it's positioned to the beginning of the stream.
fileStream.Position = 0;
// Compute the hash of the fileStream.
hashValue = myRIPEMD160.ComputeHash(fileStream);
Please be sure and dispose of things like FileStream that implement IDisposable.
UPDATE
Just to be clear... the hash is useful to validate the file has not been changed/tampered with since the hash was created.
You still must store the file itself. You cannot re-create the file from the hash.
Eric J.
- 147,927
- 63
- 340
- 553
-
Hashing some input data generates a hash code for sure but there's no way to revert the hash into the original data. – xxbbcc Feb 05 '13 at 03:34
-
Is there also a possibility, or can I retrieve those hashed files? And make it come again as it was before? – nsutgio Feb 05 '13 at 03:34
-
1@nsutgio Not if you only store the hash code. You need to store the file data as well. – xxbbcc Feb 05 '13 at 03:35
-
+1 answers the question as asked... Also inability to restore file by hash may surprise OP. – Alexei Levenkov Feb 05 '13 at 03:36
-
1
If you're talking about performing a cryptographic hash in order to make it more secure (i.e. encrypted) the problem with that, is that it is non-recoverable.
If you want to encrypt the file, then I would look into using AES (Simple insecure two-way "obfuscation" for C#)
Now, if you're creating a hash check value (or MD5 Checksum) of the file for later comparison purposes that's perfectly acceptable and do-able as per Eric's post
Community
- 1
- 1
Stephen Wrighton
- 36,783
- 6
- 67
- 86