0

I found this code from here How to SHA1 hash a string in Android? to encrypt a string using SHA1 which is working perfectly fine,

import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class SHA1Encryption {

    public static String SHA1(String text) throws NoSuchAlgorithmException,
            UnsupportedEncodingException {
        MessageDigest md = MessageDigest.getInstance("SHA-1");
        md.update(text.getBytes("iso-8859-1"), 0, text.length());
        byte[] sha1hash = md.digest();
        return convertToHex(sha1hash);
    }

    private static String convertToHex(byte[] data) {
        StringBuilder buf = new StringBuilder();
        for (byte b : data) {
            int halfbyte = (b >>> 4) & 0x0F;
            int two_halfs = 0;
            do {
                buf.append((0 <= halfbyte) && (halfbyte <= 9) ? (char) ('0' + halfbyte)
                        : (char) ('a' + (halfbyte - 10)));
                halfbyte = b & 0x0F;
            } while (two_halfs++ < 1);
        }
        return buf.toString();
    }

}

but I need to decrypt it back to the original string.

Can anyone help me out?

Community
  • 1
  • 1
Srujan Simha
  • 3,637
  • 8
  • 42
  • 59
  • Guess the input. That's the only way. (Btw. if this is a password, then you should not use SHA-1, but rather bcrypt, scrypt or PBKDF2) – CodesInChaos Feb 15 '13 at 12:51

4 Answers4

3

What you are basically asking is: "given a value y, find an x, such that h(x)=y." This is called finding a pre-image. The whole of point of one-way-hashing-functions (of which SHA1 is one example) is that this is not possible in any way that is faster than brute force (which would take an average of O(2^159) actions).

For further reading: http://en.wikipedia.org/wiki/Cryptographic_hash_function http://en.wikipedia.org/wiki/One-way_compression_function

Gal
  • 5,338
  • 5
  • 33
  • 55
2

You can't do this. SHA1 is a one way hashing algorithm. You can't get the original contents back.

If you want a two way encryption scheme, try using AES (or RSA, but that might be overkill).

Raghav Sood
  • 81,899
  • 22
  • 187
  • 195
0

SHA1 is a hash function sooo you can't decrypt because it isn't decrypting. Take a look at the wikipedia for cryptographic hash functions it has some general description of what hash functions and common cryptographic hash functions.

dudebrobro
  • 1,287
  • 10
  • 17
0

You cannot decrypt a value generated by a secure one-way hash algorithm. Hashing is different from encryption.

What you can do is to iterate over all possible string values, create a hash value for each string value, and compare the hashes. If you find the hash value, you can be absolutely certain that you've found the original string. The chances that you find two strings that hash to are so close to zero that you can safely assume it never happens for a cryptographically secure hash.

The number of possible strings is obviously endless, so you can only iterate over all values if you have additional knowledge about the strings. E.g. if you have a hash of a 4 digit PIN, you can use that knowledge to calculate up to all 10.000 possible hash values.

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263