salt-cryptographybrute-forcecracking

Get constant SALT from encrypted and clear text values


I have a constant SALT that is appended to every cookie before it is encrypted with sha512. If I know the clear text and the final encrypted values of more than one cookie, is it possible to use a tool like john the ripper to guess the salt value?

The answers I found on the internet talk about finding the password, but i'm interested in finding the salt.


Solution

  • Short Answer:

    No you can't.


    Reasons:

    1. First of all sha512 is a hashfunction. You can't "decrypt" hashfunctions. If it would be able to do this, sha512 would not be safe.

    2. Days ago google found the first collision in 6,610 CPU-Years.

      Source: First sha512 Hashcollsion

      (This is not an attack!) They used an amount of distributed systems. So a normal program like john-the-ripper wouldn't be able to do this.