Quote:
|
Originally Posted by hacker
If you have a one-way hash, it absolutely cannot be used as a "decryption key" in any way, period...You cannot use a one-way hash as a key to decrypt anything. Hashes are encoded, not encrypted.
|
Hacker, you misunderstand the concept of using a hash key. The hash function is used for the purpose of key derivation here.
1. You take an input ABC.
2. You run ABC through a hash function Hash(ABC) and receive DEF. Note that you ALWAYS receive DEF whenever ABC is given as the input.
3. You use DEF as the key for symmetric encryption/decryption.
Note that DEF is of a fixed size, as determined by the hash algorithm.
MD5 is 128bit (or 16 bytes)
SHA is 160bit (or 20 bytes)
SHA-2 is 256bit (or 32 bytes)
So let's say you have a cipher that requires a 256bit key (AES for instance). The way to generate a 256bit key is through one of the hashing algorithms that generates a 256bit digest (SHA-2 for instance). So a phrase, a password, or a credit card of any length can be hashed to generate a key of the required size for encrypting data.