-2

I have an already created project.

In this they are using one method for encrypting the String. In this project now I have to create a method which I can use for decrypting the encrypted string.

For encrypting a string the below method is used:

```java
private String EncryptPwd(String pwd) {
    String encryptPwd = "";
    if (!pwd.isEmpty()) {
        byte[] sha1Bytes = EncryptionUtils.getSha1(pwd);
        StringBuilder sb = new StringBuilder();
        for (byte b : sha1Bytes) {
            sb.append(b);
        }
        encryptPwd = sb.toString();
    }
    return encryptPwd;
}
```

The EncryptionUtils class code is given below:

```java
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.log4j.Logger;

public final class EncryptionUtils {
    private static QueueCacheValueCloner<byte[]> byteArrayCloner = new QueueCacheValueCloner() {
        public byte[] cloneBean(byte[] original) {
            return (byte[]) original.clone();
        }
    };

    private static Logger logger = MiscUtils.getLogger();
    private static final MessageDigest messageDigest = initMessageDigest();
    private static final QueueCache<String, byte[]> sha1Cache = new QueueCache(4, 2048, byteArrayCloner);
    private static final int MAX_SHA_KEY_CACHE_SIZE = 2048;

    private static MessageDigest initMessageDigest() {
        try {
            return MessageDigest.getInstance("SHA-1");
        } catch (NoSuchAlgorithmException e) {
            logger.error("Error", e);
        }
        return null;
    }

    public static byte[] getSha1(String s) {
        byte[] b = (byte[]) sha1Cache.get(s);
        if (b == null) {
            b = getSha1NoCache(s);
            if (s.length() < 2048) {
                sha1Cache.put(s, b);
            }
        }
        return b;
    }

    protected static byte[] getSha1NoCache(String s) {
    }

    public static SecretKey generateEncryptionKey() throws NoSuchAlgorithmException {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(128);
        SecretKey secretKey = keyGenerator.generateKey();
        return secretKey;
    }

    public static SecretKeySpec generateEncryptionKey(String seed) {
        byte[] sha1 = getSha1(seed);
        SecretKeySpec secretKey = new SecretKeySpec(sha1, 0, 16, "AES");
        return secretKey;
    }

    public static byte[] encrypt(SecretKey secretKey, byte[] plainData) throws IllegalBlockSizeException,
            BadPaddingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException {
        if (secretKey == null) {
            return plainData;
        }
        Cipher cipher = Cipher.getInstance("AES");
        cipher.init(1, secretKey);
        byte[] results = cipher.doFinal(plainData);
        return results;
    }

    public static byte[] decrypt(SecretKey secretKey, byte[] encryptedData) throws NoSuchAlgorithmException,
            NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
        if (secretKey == null) {
            return encryptedData;
        }
        Cipher cipher = Cipher.getInstance("AES");
        cipher.init(2, secretKey);
        byte[] results = cipher.doFinal(encryptedData);
        return results;
    }
}
```

Now I have to create a method for decrypting the encrypted string.

So can anyone suggest how I can decrypt a String which is encrypted by the above EncryptPwd method?

user3441151
  • Have you simply used a SHA1 hash on that? https://stackoverflow.com/questions/2235079/is-it-possible-to-reverse-a-sha1 – Brian Agnew Mar 19 '18 at 13:25
  • Unrelated: learn about java naming conventions - method names go camelCase() - always. And then, when you already have a util class for encrypting things - put "encryptPassword()" there as well, as public method. – GhostCat Mar 19 '18 at 13:26
  • @BrianAgnew How can I use SHA1 for decrypting an encrypted String? Do you have any example? – user3441151 Mar 19 '18 at 13:31
  • If you "encrypted" your String by simply building its SHA-1 hash the simple answer is: You can't decrypt it. This is exactly why it's called "Secure Hash Algorithm" because it's one way. – Ben Mar 19 '18 at 13:42
  • Also on an unrelated note: SHA-1 is deprecated since 2011. So you should probably use a more modern hash. – Ben Mar 19 '18 at 13:44
  • @Ben You can see what I am using for encrypting a String. By using the `EncryptPwd` method we are encrypting a String. Now I have to create a method for decrypting an encrypted String. – user3441151 Mar 19 '18 at 13:51
  • @user3441151 please read the linked post in my comment above – Brian Agnew Mar 19 '18 at 13:52
  • @BrianAgnew I see that link but did not get anything which can help me. When the String is `test123@` then it converts to the encrypted string `-53109131046108677087-3012595126-50-179-75-784111` where I am using the `EncryptPwd` method. – user3441151 Mar 19 '18 at 14:07
  • The point is that SHA1 is not an encryption mechanism but a hash mechanism – Brian Agnew Mar 19 '18 at 14:08

2 Answers

2

Hashing is not encryption. Secure hashing is a one-way function that creates output of a certain length indistinguishable from random to an attacker not knowing the original input.

The only way to "reverse" the hash is to test all possible input values. If you find the correct hash then you've found the input, as it is computationally impossible to find two messages that generate the same output value. At least, that used to be the case until Google found a way to create so-called SHA-1 collisions using the Shattered attack. This will however not have any effect on strings like passwords that usually have size and format limitations.

Just hashing the password using SHA-1 is making yourself susceptible to rainbow table attacks. Duplicate passwords can also easily be identified (if there are multiple accounts). Caching the result will also make your password table susceptible to simple timing attacks. Just maybe using a real password hash such as Argon2 and requiring a specific password strength would be a good idea.

The way to verify a password hash is then to perform the same calculation, starting from a given password (salt and work factor) and then compare the result. Decryption doesn't come into it.

Maarten Bodewes
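
The verification flow this answer describes (recompute from the candidate password, salt and work factor, then compare), as an added Java example that is not part of the original answer. It uses the JDK's built-in PBKDF2WithHmacSHA256 in place of Argon2, which the JDK does not ship; the class and method names, the iteration count, and the assumption that the question's elided `getSha1NoCache` hashes the UTF-8 bytes of the string are all hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public final class PasswordCheck {
    private static final int ITERATIONS = 600_000; // assumed work factor; tune for your hardware

    // Checks a value stored in the question's format (signed SHA-1 bytes appended as
    // decimals) by recomputing it from the candidate; nothing is ever "decrypted".
    // Assumption: the elided getSha1NoCache hashes the UTF-8 bytes of the string.
    static boolean legacyMatches(String candidate, String stored) throws GeneralSecurityException {
        byte[] sha1 = MessageDigest.getInstance("SHA-1").digest(candidate.getBytes(StandardCharsets.UTF_8));
        StringBuilder sb = new StringBuilder();
        for (byte b : sha1) sb.append(b);
        return MessageDigest.isEqual(sb.toString().getBytes(StandardCharsets.UTF_8),
                                     stored.getBytes(StandardCharsets.UTF_8));
    }

    private static byte[] pbkdf2(char[] pwd, byte[] salt, int iterations) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(pwd, salt, iterations, 256);
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
    }

    // Stored record is iterations:salt:hash, so the work factor can be raised later.
    static String hash(char[] pwd) throws GeneralSecurityException {
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt); // per-password salt defeats rainbow tables
        Base64.Encoder enc = Base64.getEncoder();
        return ITERATIONS + ":" + enc.encodeToString(salt) + ":" + enc.encodeToString(pbkdf2(pwd, salt, ITERATIONS));
    }

    static boolean verify(char[] pwd, String record) throws GeneralSecurityException {
        String[] p = record.split(":");
        if (p.length != 3) return false;
        try {
            byte[] salt = Base64.getDecoder().decode(p[1]);
            // Same calculation on the candidate, then a constant-time comparison.
            return MessageDigest.isEqual(Base64.getDecoder().decode(p[2]), pbkdf2(pwd, salt, Integer.parseInt(p[0])));
        } catch (IllegalArgumentException e) { // malformed Base64, salt or iteration count
            return false;
        }
    }

    public static void main(String[] args) throws GeneralSecurityException {
        String record = hash("test123@".toCharArray()); // constructed sample, password taken from the question
        System.out.println(verify("test123@".toCharArray(), record) + " " + verify("wrong".toCharArray(), record));
    }
}
```

`legacyMatches` lets existing stored values be checked at login so that each account can be re-hashed with `hash` once its user next authenticates.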
1

SHA1 is a hash function designed in a way that you should not be able to decrypt anything that is "encrypted" (well really it's not encrypted - it's just a hash of the message - as suggested in comments) with it (as it's a one-directional function).

Instead you can store the SHA signature in your system (not the original password) and compare the signature (if you know how to generate it).

This has the advantage that nobody knows the password (except the user), and you can still verify if he entered it correctly (you just know how to generate the SHA from user input, but do not store his password in plain text).

Maciej
  • SHA-1 does not *encrypt* at all, it hashes or calculates a message digest. SHA-1 should not be used to perform password hashing directly. So although the gist of your answer is correct, the information around it is not. – Maarten Bodewes Mar 19 '18 at 15:51
  • I agree... I just used "language" from the question... I just said what sha1 is designed for, I do not claim if it's secure or not, as this was not the question. Sometimes you can even retrieve the hashed word just by googling its signature (if no seed was used)... – Maciej Mar 19 '18 at 17:29
  • I downvoted for the incorrect terminology. I understand you're putting it in words the OP understands but it's still... Well, incorrect. – Luke Joshua Park Mar 19 '18 at 17:42
  • Signed is the wrong word to use here. A hash is a hash. Signed refers to digital signature/asymmetric cryptography. – Luke Joshua Park Mar 19 '18 at 19:35