I know there are plenty of materials for this question. But I just can’t help but stuck in data retrieval question. If I know the hash key of hashed data , do I have access to it ?
E.g
`DECLARE @HashThis NVARCHAR(32)`
`SET @HashThis = ‘data’`
`SELECT HASHBYTES(‘SHA2_256’, u/HashThis);`
Let’s imagine hash key is 0x741238C01D9DB821CF171BF61D72260B998F7C7881D90091099945E0B9E0C2E3
Now, if I know this hash key, do I have access to data ?Basically, all attacker needs to know is this hash key ?
If it is not about key and I need algo to get hashed data, then what stops attackers from using this algorithm
In: 1
A hash function is a one way function. Given the data, it is possible to compute the hash. But going the other way is not possible. So suppose I have a file and I publish the hash for it. Another system can compute the hash and see that the file has not been changed, because they get the same hash.
In your case, they can’t go backwards from your hashkey to the original data. This is often used for passwords. So I input my password when I create an account. If they just stored the password, then if someone stole the password file, they could log in as me. But if instead they store the hash, an attacker can’t go backwards from the hash to my password. But the system can take the password I type when I log in, hash it and compare the hash to the one in the password file. If they match it is the same password and they let me in.
Latest Answers