是否可能重构加密哈希的密钥 [英] Is It Possible To Reconstruct a Cryptographic Hash's Key

问题描述

我们想加密（SHA-256）在我们的数据库中散列一个秘密值。由于我们希望使用此方式来查找数据库中的各个记录，因此我们不能对每个加密值使用不同的随机盐。我的问题是：给予我们无限制访问我们的数据库，并且鉴于攻击者至少知道一个秘密值和散列值对，攻击者是否可以反转设计加密密钥？ IE，攻击者是否能够反转所有的哈希值并确定所有的秘密值？

如果是这样的话，似乎这样会破坏加密哈希的全部目的，所以也许我错过了一些。

解决方案

总之，。

We would like to cryptographically (SHA-256) hash a secret value in our database. Since we want to use this as a way to lookup individual records in our database, we cannot use a different random salt for each encrypted value.

My question is: given unlimited access to our database, and given that the attacker knows at least one secret value and hashed value pair, is it possible for the attacker to reverse engineer the cryptographic key? IE, would the attacker then be able to reverse all hashes and determine all secret values?

It seems like this defeats the entire purpose of a cryptographic hash if it is the case, so perhaps I'm missing something.

解决方案

In short, yes.

这篇关于是否可能重构加密哈希的密钥的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！