HMACHex reverse function

reynsnivea · October 31, 2020, 5:53pm

Hi,

Maybe I am asking some strange questions here but I am not a hash function pro…

I know hash functions in general are irreversible functions. Is the HMACHex() function reversible since it uses a secret key ? I would think it is not reversible because it uses also another algorithm like MD5 or SHA-256.

I would like to encrypt a column using HMACHex and then recover the original values. Is that possible in EasyMorph ?
In hmachex() we need to provide a “secret” key. We enter that key in EasyMorph either directly in the function or maybe via a parameter. How safe is that ? If one could get the EasyMorph file, he/she would have access to the secret key ?
Could we interpret the “key” in hmachex() as the ‘salt’ where a lot of security professionals are talking about when they are talking about a salted hash?

Remark: In the documentation online the arguments of the function are switched:

Online: https://help.easymorph.com/doku.php?id=syntax:functions:hmachex it says: HMACHex(algorithm, key, text)
In EasyMorph the “key” argrument is the third argument.

Thanks
Nikolaas

dgudkov · October 31, 2020, 6:31pm

Hi Nikolaas,

Hashing is not encryption. Hashing and encryption are different things.

Hashing is used in order to quickly detect inequality of two values. Encryption is used to conceal data.

Hashing is always irreversible. Encryption is always not.

PS. The error in the online help article has been fixed. Thanks for the tip.

reynsnivea · October 31, 2020, 6:41pm

Thanks ! As you can observe I am making my first steps in the wonderful world of encryption and hashing :).

reynsnivea · September 3, 2021, 6:28am

Hi Dmitry,

One question on this topic was unanswered if I am not mistaken.
Is there a way to encrypt a column in EasyMorph and decrypt it later without having to export it to a .dset file first?

Thanks
Nikolaas

dgudkov · September 3, 2021, 10:59am

Not possible with the standard means, unless you use .NET encryption API via PowerShell scripting.

I’m curious would be the a case for it?

reynsnivea · September 9, 2021, 7:20am

Hi,

When moving to cloud services pseudonymisation becomes more and more important.
If we could encrypt the data with some key before writing the data to the database and then decrypt later if the sensitive data is needed using EasyMorph, this would be practical.

Thanks
Nikolaas