views:

417

answers:

5

select HASHBYTES('sha','what is it') Result --0x2327A09C2FDAD132E436B5CC12E9D5D283B5BA69 is it possible to convert back hashbytes to string '0x2327A09C2FDAD132E436B5CC12E9D5D283B5BA69' as a input want to get out put as 'what is it'?

+7  A: 

Absolutely not. A hash is, by definition, one way.

What you're looking for is encryption, which you can do using the EncryptByCert and DecryptByCert functions, explained in detail here.

Eric
A: 

No. That's the whole point of a hash.

You use them for something like a password, such that every time someone tries to log in you compute the hash of the password they tried to log in with (plus a salt) and compare that with your stored value. This way even if someone (like a disgruntled employee) finds a backup tape for the database where your passwords are stored and an encryption key, they still wouldn't be able to log into your system and act on live data.

Joel Coehoorn
A: 

A hash function is defined as "one way" meaning that you convert text into a digest (the result you see above). If you are using this for password encryption the accepted usage would be to run a users input (from their password form) through the hash function and verify that it matches the stored digest.

If you wish to have decryption of a provided text input you will want to look into other cryptographic solutions such as Symmetric-key or Asymmetric-key algorithms.

Of course if you are doing any of this you are going to want to sanitize your input.

another average joe
A: 

Hashing as the previous posters mentioned, is definitely a one way operation. It takes a (potentially large) input, and processes the input quickly in such a way that the output is a small but very unique (based upon input) output. Both by design and by nature of having a small sized output, a hash cannot be undone as the original input has been lost in the conversion. Common hashing algorithms include the Message Digest family (usually MD5) and the SHA family you mentioned in your question.

Again as the previous poster mentioned, if you're looking for a 2-way operation, encryption is what you are looking for. Further more, if you want the same user to both encrypt and decrypt a string, stick with symmetric encryption. Some common algorithms used in practice today are AES, DES, and Blowfish.

tschaible
A: 

If you have a minimal perfect hash then at the very least you should be able to brute force the original input. But presumably this is not what you're asking about, if that is right then see all of the other answers :)