How might i decrypt something?

[MARBLE MAN]

I was playing around with sha1 and i wondered how to decrypt the things i encrypted...
is it possible?
%test = sha1("words");
outputs:
efb893611e6f56f...
how would i decrypt this?

[Ad Bot]

[Ipquarx]

The entire point of a hash function is to not be able to decrypt it.

BUT

if you REALLY REALLY REALLY need to do it, there are several methods, but they would all take much too long in torquescript (stupid speeds) to be practical.

Again, if you really want to, you can look up the methods online.

Edit: Also, I think you're confusing sha1 with an encryption algorithm, which sha1 is not.
sha1 is what's called a hash. A hash is *supposed to be* a one-way only function. You input something, and it gives you a 100% unique output.

[MARBLE MAN]

well...
stupid Algorithms...

[Ipquarx]

If you want help I can help you out, but i personally have never tried it before, so I don't know how difficult it would be.

[Xalos]

If this is for passwords, you don't need to decrypt it. Just check if the strings are the same.

if(strStr(%someEncodedText, sha1(%notEncodedText)) == 0)
    //Code for password correctness
else
    //Code for password incorrectness

[Treynolds416]

You could write your own decode/encode script if you want to do things of that nature

[Ipquarx]

You could write your own decode/encode script if you want to do things of that nature

Too bad that's a very difficult thing, to make a decent encryption algorithm in torque. I personally have made one myself, but idk if you'd call it good.

[Treynolds416]

Too bad that's a very difficult thing, to make a decent encryption algorithm in torque. I personally have made one myself, but idk if you'd call it good.

Unless he's doing passwords (in which case he should use Xalos' code), it doesn't take a terribly powerful cypher to fool the average blocklander. I mean, even a generic ROT13 cypher could easily work for his purposes

[Ipquarx]

Unless he's doing passwords (in which case he should use Xalos' code), it doesn't take a terribly powerful cypher to fool the average blocklander. I mean, even a generic ROT13 cypher could easily work for his purposes

I agree it would work for basic stuff, but if he doesn't want anyone reading it then he should use something more advanced.

[MARBLE MAN]

If this is for passwords, you don't need to decrypt it. Just check if the strings are the same.

if(strStr(%someEncodedText, sha1(%notEncodedText)) == 0)
    //Code for password correctness
else
    //Code for password incorrectness

That is why i was playing around with sha1, i was looking at your startpass
is there a sha512 for tge?

[Xalos]

According to isFunction("sha512") - no, there is not.

[Destiny/Zack0Wack0]

If you only need to encrypt it and decrypt it once, you could easily use a one time pad, otherwise the best you're going to get is a basic shift cipher (maybe a really stuffty and slow stream cipher). Depending on the frequency of requests, you might also be able to generate new keys over and over for each packet (send the new key of %n length in the next packet) and use the one time pad.

[Xalos]

generate new keys ... one time pad.

The only thing that makes the one-time pad encryption method more secure than encryption functions comparable in workload is that it's impossible to know what the key used is, and therefore impossible to extrapolate the original text. Generating keys through any form of generator compromises that security.

That's also the reason you can't re-use keys. An attacker could XOR the two encrypted strings together to get the key, then XOR that against the two strings to get the original text for both, thus totally compromising the encryption.


In fact, the one-time pad is incredibly difficult to put into practice at all due to inherent vulnerabilities over any possible communication line. It's only uncrackable in a theoretic situation where both parties have successfully recieved the keytext without interception and never misuse the keytext (using any portion of it twice).

[Destiny/Zack0Wack0]

The only thing that makes the one-time pad encryption method more secure than encryption functions comparable in workload is that it's impossible to know what the key used is, and therefore impossible to extrapolate the original text. Generating keys through any form of generator compromises that security.

That's also the reason you can't re-use keys. An attacker could XOR the two encrypted strings together to get the key, then XOR that against the two strings to get the original text for both, thus totally compromising the encryption.


In fact, the one-time pad is incredibly difficult to put into practice at all due to inherent vulnerabilities over any possible communication line. It's only uncrackable in a theoretic situation where both parties have successfully recieved the keytext without interception and never misuse the keytext (using any portion of it twice).

Yeah, if you had actually read my message you would have seen that only one key would be used per encrypt/decrypt. I know how the OTP works and that it has vulnerabilities, but like I mentioned it's probably one of the only schemes that is simplistic enough to be applicable in TorqueScript. To say that the OTP is vulnerable to MITM attacks is like saying cats have fur - every single cipher is.

Besides, using ciphers in Blockland just isn't worth it. Unless you're making some sort of massive slave to master server system that needs the API to be public (e.g. if you were making an MMO add-on that anyone could host and communicate with the master server or something like that), don't even bother.