9

When users register, should I store their email in the db as is, or hash it? I want to be able to decrypt it later, so should I use md5?

Thank you!

Gal

Comments:
  • Hashing (more or less) prevents decryption. So you certainly don't want to do that. – Quentin Nov 22 '09 at 14:50
  • I hate it when people down-vote a question like this. It's not like he's giving wrong advice; he's asking a question about a concept he wants cleared up. I up-voted you back to 0. – Faisal Abid Nov 22 '09 at 15:27
  • You should hash() all emails and keep a separate table with the key/value pairs so you can rainbow-unhash later! PS: just kidding (coder's humor). – Frankie Nov 27 '09 at 19:21

8 Answers

16

No, md5() is a one-way hash function. You can't decrypt its value. Usually it is used for passwords, which don't need to be decrypted. Instead you compare hashes like:

<?php
// Site-wide secret appended to the password before hashing
$salt = "adding some secret to increase security";
// Strict comparison (===) avoids PHP's loose string-to-number coercion on hash strings
if (md5($user_password . $salt) === $user_password_hash_from_db) {
    ## password is ok
}

If you want to be able to decrypt your value, then use the crypt PHP function instead. But it may require additional modules to be installed.

Anyway, I don't see any practical reason to encrypt email.

Ivan Nevostruev

Comments:
  • Of course, using a salted hash for storing passwords would be a good idea. – tosh Nov 22 '09 at 15:14
  • Yeah, pretend that everyone and their mom knows that md5('password') == '5f4dcc3b5aa765d61d8327deb882cf99', 'cause every cracker that matters will know. – Kzqai Nov 22 '09 at 15:47
  • "If you want to be able to decrypt your value, then use crypt". That is wrong, and if you actually bothered to read the PHP manual, you'd see it's a hashing function. http://php.net/manual/en/function.crypt.php – The Pixel Developer Nov 17 '10 at 15:14
3

It's not common to encrypt email addresses. If someone really wants to keep their email private, they wouldn't give it to your site in the first place :)

gnud

Comments:
  • Modern spamming schemes imply differently. Email lists have value in the privacy that they represent. The value is minor, especially compared to passwords, but it's there, so an encryption method is beneficial; with email, though, it certainly needs to be a reversible method. – Kzqai Nov 22 '09 at 15:40
1

MD5 is a hash, which makes it almost impossible to get the original value back. You should use encryption instead of a hash if you want to get the email back.

Ikke
1

I agree that emails are a (minor) information security issue, since that becomes personal information that you've let out into the world if someone gets access to your database, but you'll be wanting a two-way encryption/decryption method to be able to pull the emails back out, as Ivan has mentioned.

Just be aware that basic MD5 hashing is no longer a secure hash.

As Wikipedia says in many different ways, it is no longer secure (http://en.wikipedia.org/wiki/MD5):

US-CERT of the U. S. Department of Homeland Security said MD5 "should be considered cryptographically broken and unsuitable for further use,"[7] and most U.S. government applications will be required to move to the SHA-2 family of hash functions by 2010.[8]

I think one major problem with it is that there are rainbow tables of md5 hashes all over these days, so bare md5 is very susceptible to brute forcing.

Consider it a useful tool for minor obfuscation and sanitizing complex data sets, but it is not a truly secure hash any more. There may be special hoops that you can jump through, like both using a salt and performing nested md5 hashings, to make it more secure, though I'm no cryptographer. You might want to check out other SO threads like this one for good overall encryption solutions.

Kzqai
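Ivan's answer shows hash comparison for a password, and Kzqai's points out that getting an email back requires two-way encryption. The following is an added example (not code from the thread) that puts both side by side in modern PHP: password_hash()/password_verify() for the password, and libsodium's secretbox for a reversible, authenticated email column. It assumes the sodium extension (PHP 7.2+) and a key stored outside the database; the sample values are constructed.

```php
<?php
// Added example: one-way hashing for the password, reversible authenticated
// encryption for the email. Assumes the sodium extension (PHP >= 7.2) and a
// key that lives in config/environment, never in the same database.
declare(strict_types=1);
// Passwords: hash, never encrypt. password_hash() adds a random salt and uses a
// deliberately slow algorithm (bcrypt by default), which defeats the rainbow
// tables that make bare md5 weak; password_verify() compares in constant time.
function storePassword(string $password): string
{
    return password_hash($password, PASSWORD_DEFAULT);
}

function checkPassword(string $password, string $storedHash): bool
{
    return password_verify($password, $storedHash);
}

// Email: if you must read it back, encrypt with an authenticated cipher
// (secretbox = XSalsa20-Poly1305). The per-record nonce is not secret and is
// stored in front of the ciphertext, so one DB column holds both.
function encryptEmail(string $email, string $key): string
{
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    return base64_encode($nonce . sodium_crypto_secretbox($email, $nonce, $key));
}

// Returns null (fails closed) if the blob is malformed, tampered with, or the key is wrong.
function decryptEmail(string $stored, string $key): ?string
{
    $raw = base64_decode($stored, true);
    if ($raw === false || strlen($raw) < SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES) {
        return null;
    }
    $nonce  = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $cipher = substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain  = sodium_crypto_secretbox_open($cipher, $nonce, $key);
    return $plain === false ? null : $plain;
}

$key        = sodium_crypto_secretbox_keygen();   // constructed demo key (32 random bytes)
$dbPassword = storePassword('correct horse');     // constructed sample password
$dbEmail    = encryptEmail('gal@example.com', $key); // constructed sample email
var_dump(checkPassword('correct horse', $dbPassword));  // right password
var_dump(checkPassword('wrong', $dbPassword));          // wrong password
var_dump(decryptEmail($dbEmail, $key));                 // email comes back
// Flip one byte of the stored blob: the Poly1305 tag no longer verifies.
$raw = base64_decode($dbEmail);
$raw[strlen($raw) - 1] = chr(ord($raw[strlen($raw) - 1]) ^ 0x01);
var_dump(decryptEmail(base64_encode($raw), $key));      // tampered blob
```

Note that a per-site salt (as in Ivan's snippet) is not a substitute for the per-user random salt and slow algorithm that password_hash() provides.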
0

When you use md5 you won't be able to decrypt it. md5 is a one-way-hash function.

jitter
0

md5 isn't an encryption method; it's a one-way hash. There's no reason to encrypt email addresses in the database. I would leave them as is.

Galen
0

If you intend to decrypt them later, MD5 won't be an option: since it only hashes strings, you lose the original data.

I suggest you try some of the built-in PHP encryption functions for that.

Daniel Sorichetti
0

The other answers say it all.

However, you should always hash passwords with at least md5() and a salt, as pointed out in Ivan's reply.

Pekka