How to decrypt a string encrypted with HMACSHA1?

前端 未结 3 831
南笙
南笙 2021-02-08 20:12

I\'m an encryption novice trying to pass some values back and forth between systems. I can encrypt the value, but can\'t seem to figure out how to decrypt on the other end. I\

3条回答
  •  南方客
    南方客 (楼主)
    2021-02-08 20:47

    Just to expand on Jon's answer, because you're probably wondering what the point is of encrypting something that you can't decrypt - HMAC-SHA1 is, as Jon said, a hash. The string produced does not contain the original information, even in encrypted form... It's just a sequence of bytes.

    The beauty of the hash however is that any sort of change you might make in the string will almost certainly result in a change in the hash result, and the hash result tends to be fairly small. For this reason, hashs are often used to ensure that a piece of information has not been tampered with.

    For instance,

    I want to send Jon here a message - and I want him to be confident that one of his mates hasn't changed the message prior to his reading it. I can't just take the hash of my message and send that along, because all a trouble causer would have to do is replace the message with one of their own, and provide an appropriate hash...

    However, if I supply my message with a hash not of the message itself, but rather of the message with a few specific extra bytes that John and I have agreed on in advance, the trouble maker is defeated. Jon knows to add the extra bytes (commonly known as salting the hash) before he hashes my message, but the trouble causer doesn't - so if he changes the message, even though he works out his own hash, Jon can see that something is amiss...

    Encyryption / Hashes are a fiddly business, and I've barely scratched the surface myself - but I thought this might give you a simple example of what hashes are used for...

    Another very common use is for maintaining site membership information - people don't store the password, but rather the hash of the password. This means that even if someone manages to nick your user data, they are not able to use it to log into your system.

    Martin

提交回复
热议问题