-2

In Java I can create a two way Hash function - if I implemented with MD5 I could write the methods toMD5Hash() and fromMD5Hash for a reversible process.

Further than that I could use TripleDes with key-based encryption in Java to encrypt a String and then reverse it again.

But if I have access to the code, then I can get the algorithm used, and I have the key then I can reverse it. (For this reason lots of online password checking uses a one-way hash like bcrypt.)

So I'm trying to work out why a product like Hashicorp Vault (for which the code is open source) is 'more secure' than writing my own Java two-way hash. Can't I just read the Vault source code, get the key and the hashing function and decrypt all the secrets?

My question is: What makes storing secrets in Hashicorp Vault different to using a two-way hash in Java?

schroeder
  • 125,553
  • 55
  • 289
  • 326
hawkeye
  • 207
  • 1
  • 7
  • 6
    how do you code "fromMD5Hash" to reverse? – schroeder May 15 '17 at 10:34
  • 4
    Let's ignore the fact you are confusing hashing with encryption. You are basing your idea on assumption that there is one secret key stored somewhere in Vault source code. To better understand how Vault works please see [this](https://www.vaultproject.io/docs/internals/architecture.html). Besides that, you are confusing the actual purpose of the Vault and similar software. They are solving a specific need in an enterprise environment and you are comparing it with (bad) general purpose encryption in a Java application. Saying it is like comparing apples and bricks would be an understatement. – Marko Vodopija May 15 '17 at 12:19
  • Hashes are alway one way. Even if you try to brute force on collision, it is still one way. – mootmoot May 15 '17 at 15:56
  • // , @hawkeye were you referring to this https://cs.stackexchange.com/questions/69422/two-way-hash-functions – Nathan Basanese May 04 '18 at 21:55

2 Answers2

2

MD5 isn't reversible, except with a brute force approach, and you can't write your proposed "fromMD5Hash" method. Indeed, no hash can be entirely reversible, since it will always be the case that multiple different original strings have the same hash value. The whole point of cryptographic hash functions is that they can't be (computationally feasibly) reversed, even if you have the source code and know the algorithm.

Mike Scott
  • 10,134
  • 1
  • 28
  • 35
2

Of course you could implement something yourself to securely store secrets. At a extreme, you could reimplement Hashicorp Vault yourself to get the same functionality. The main advantage of Hashicorp Vault is that it is a complete, reusable, trustworthy component. This has the advantage that you don't need to reinvent the wheel yourself.

It seems that you are not an expert in cryptography. You talk about reversing an MD5 hash, which is not possible. Furthermore, MD5 and 3DES have been superseded by more modern and secure algorithms for years. By using a trusted third-part component, you don't have to learn cryptography or worry about which algorithms are outdated. Presumably Hashicorp Vault was made by people with an advanced understanding of cryptograph. This makes using their product more secure than building your own.

Sjoerd
  • 28,897
  • 12
  • 76
  • 102