2
I need to change this code to decrypt the data with it encrypted:
public static string MD5HashCrypt(string text)
{
MD5 md5 = new MD5CryptoServiceProvider();
//compute hash from the bytes of text
md5.ComputeHash(ASCIIEncoding.ASCII.GetBytes(text));
//get hash result after compute it
byte[] result = md5.Hash;
StringBuilder strBuilder = new StringBuilder();
for (int i = 0; i < result.Length; i++)
{
//change it into 2 hexadecimal digits
//for each byte
strBuilder.Append(result[i].ToString("x2"));
}
return strBuilder.ToString();
}
MD5 is a hash (very insecure, alias). You will not be able to reverse. The only way to "reverse" would be to do an exhaustive search until you find another value with the same hash, but that doesn’t guarantee that you found the original value. Anyway, if you want to get the original text at a future time, you need to use encryption and not summaries. You can use AES-CGM or Chacha20poly1305, for example. This way only those who hold a cryptographic key can read the data.
– Inkeliz
Hash by itself does not decrypt, there are ways to break as @Inkeliz said, but by default that’s it. So some sites when you lose the password and they use hash you get a new password in the email, when the site sends you your current password in the email you can be sure that their security is garbage ! :)
– Thiago Loureiro
@Inkeliz why insecure? Could you explain to me?
– CypherPotato
@Cypherpotato is extremely easy to collide, this was already possible since 1994, with a machine that cost ~10 million dollars and takes only 21 days. You’ve already managed forging SSL signatures using 200 Playstation 3, SHA-1 is on the same level, including certificates SSL using SHA-1 are no longer trusted. NSA already recommends using 384 bits, while ECRYPT II recommends using 512-bit hashes if you want to survive past 2040. Not even paddings using SHA-1 should be considered safe.
– Inkeliz