SHA-1

Encryption calculates a numeric footprint of 40 hexadecimal characters. The algorithm uses non linear functions, here are the 3 main ones:

$$ C(x,y,z) = (x \wedge y) \vee (\lnot x \wedge z) \\ P(x,y,z) = x \oplus y \oplus z \\ M(x,y,z) = (x \wedge y) \vee (x \wedge z) $$

With \( x,y,z \) portions of string to encode or fixed values among 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0...

Example: dCode is crypted with the footprint 15fc6eed5ed024bfb86c4130f998dde437f528ee.

As encryption is a hashing based on nonlinear functions, there is no decryption method. This means that to retrieve the password corresponding to a sha-1 hash, there is no choice but to try all possible passwords!

Technically, this operation would take several thousand years, even on the most powerful computers in the world. However, the list of passwords used in real life is more restricted, and it becomes possible to precalculate the most likely fingerprints.

dCode uses its word databases (10 million potential passwords) to speed up this processing. However, if the password is rare, it will not be found.

The hash is composed of 40 hexadecimal characters among 0123456789abcdef.

The database search can be complicated by inserting salt to the word (a prefix or a suffix, or both). Indeed, if it is already difficult but possible to precalculate the fingerprints of all the words, it becomes even more difficult to precalculate with all possible prefixes and suffixes.

Example: SHA1(dCode) = 15fc6eed5ed024bfb86c4130f998dde437f528ee but SHA1(dCodeSUFFIX) = 9b63fcb31388acee8879018244a3d107033890f1

Another (not recommended) variant is DOUBLE SHA1, that consists in applying SHA1 twice.

A rainbow table is a database of words with all the hashs pre-computed and stored in order to accelerate and be able to parallelize the calculations of fingerprints.

SHA1 stands for Secure Hash Algorithm

By the National Security Agency in 1995