2

I am new to crypto, please help me. Thanks in advance.

var seed = "adb6f118edd6ca21cd88c2709b5b395266c0b3d71bd3c55bac875a31017c29fa"
var seed_hash = CryptoJS.SHA256(seed).toString(CryptoJS.enc.Hex);

console.log(seed_hash);

The result of seed_hash is

"ead4c97002cdd8e9d60199fb23a2173fbe4065c55855608a2d1dee38891513a6"

My question is, how to convert it back to

"adb6f118edd6ca21cd88c2709b5b395266c0b3d71bd3c55bac875a31017c29fa"

and print it in the console as text.

kgangadhar
  • 4,886
  • 5
  • 36
  • 54
Ariraju SankaraNarayanan
  • 69
  • 1
  • 1
  • 3

1 Answers1

7

You cannot, SHA256 is an hash algorithm and it is known to be irreversible.

So, if you have to check up for example the password stored in DB and the password inserted in a form, you have to:

  • store the SHA256 in your DB
  • compare the stored password with the SHA256 of the actual inserted password

For same content the result will be the same.

zaph
  • 111,848
  • 21
  • 189
  • 228
MadPapo
  • 495
  • 4
  • 13
  • Thank you for your help. – Ariraju SankaraNarayanan Jul 03 '17 at 09:20
  • 1
    All true but SHA256 (any simple hash) is not sufficient and just adding a salt does little to improve the security. Instead iteration over an HMAC with a random salt for about a 100ms duration and save the salt with the hash. Use a function such as `PBKDF2`, `Rfc2898DeriveBytes`, `password_hash`, `Bcrypt` or similar functions. The point is to make the attacker spend a lot of time finding passwords by brute force – zaph Jul 03 '17 at 13:44
  • Thank you for your help. – Ariraju SankaraNarayanan Jul 04 '17 at 15:26