Overview
MD5 is a one-way Message Digest cryptographic hash function developed by Professor Ronald L. Rivest and defined in RFC 1321.
MD5 maps an input of arbitrary length to a 128-bit digest; the digest cannot feasibly be reversed to recover the original clear text.
MD5 is commonly used as a mechanism for checksumming data, and it has also been commonly used for hashing passwords and other sensitive information.
MD5 is Cryptographically Weak
MD5 is susceptible to collision attacks, in which two different message inputs produce precisely the same hash value. Because MD5 is a 128-bit function, cryptographers once expected a collision to require about 2^64 computations: a phenomenon known as the birthday paradox halves the number of bits of collision security of any hash function.
Weaknesses in MD5, however, reduce the requirement to just 2^15 (or 32,768) computations for a collision, or 2^39 for the more powerful chosen-prefix collisions, in which an attacker can choose two different message inputs and append values that result in both having the same hash value.
These discoveries do not directly impact the security of every way in which MD5 is used, but it is nevertheless wise to use a stronger mechanism such as the Secure Hash Algorithm.
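As an added example (not code from the original page), the following Python illustrates the three points above: the 128-bit digest size and the resulting 2^64 generic birthday bound, a birthday search on a truncated MD5 that shows collisions appearing after roughly 2^(n/2) trials rather than 2^n, and an audit that flags RFC 2307 userPassword values still stored with the MD5-based {MD5} or {SMD5} schemes. The message prefix, the sample password and the "weak scheme" policy set are constructed for the example.

```python
import base64
import hashlib

MD5_BITS = hashlib.md5().digest_size * 8  # 128


def digest_bits(name):
    """Output size in bits of a hashlib algorithm, e.g. 'md5' -> 128, 'sha256' -> 256."""
    return hashlib.new(name).digest_size * 8


def birthday_bound(bits):
    """Generic collision work factor for an ideal n-bit hash: about 2^(n/2) evaluations."""
    return 1 << (bits // 2)


def md5_hex(msg):
    """Full 128-bit MD5 digest of msg as hex."""
    return hashlib.md5(msg).hexdigest()


def truncated_md5(msg, bits):
    """The first `bits` bits of MD5(msg) as an integer, used as a small stand-in hash."""
    full = int.from_bytes(hashlib.md5(msg).digest(), "big")
    return full >> (MD5_BITS - bits)


def find_birthday_collision(bits, prefix=b"constructed-msg-"):
    """Generic birthday search: hash numbered messages until two share a truncated digest.
    Returns (msg1, msg2, trials). Expected trials are around sqrt(pi/2 * 2^bits),
    i.e. on the order of birthday_bound(bits), far below the 2^bits brute-force cost."""
    seen = {}
    for i in range((1 << bits) + 1):  # pigeonhole: a collision must occur by here
        msg = prefix + str(i).encode()
        t = truncated_md5(msg, bits)
        if t in seen:
            return seen[t], msg, i + 1
        seen[t] = msg
    raise AssertionError("unreachable")


# Constructed policy: the MD5-based RFC 2307 password storage schemes to migrate away from.
WEAK_PASSWORD_SCHEMES = {"MD5", "SMD5"}


def password_scheme(value):
    """Scheme name of an RFC 2307-style userPassword value such as '{MD5}...', else None."""
    if value.startswith("{") and "}" in value:
        return value[1:value.index("}")].upper()
    return None


def md5_userpassword(password):
    """Build a '{MD5}' userPassword value: base64 of the raw digest, per RFC 2307."""
    return "{MD5}" + base64.b64encode(hashlib.md5(password).digest()).decode()


def audit_userpasswords(values):
    """Return the values stored with an MD5-based scheme, for migration to a stronger one."""
    return [v for v in values if password_scheme(v) in WEAK_PASSWORD_SCHEMES]


if __name__ == "__main__":
    n = digest_bits("md5")
    print("MD5 digest size: %d bits; generic birthday bound 2^%d" % (n, n // 2))
    m1, m2, trials = find_birthday_collision(24)
    print("24-bit collision after %d trials (bound ~%d):" % (trials, birthday_bound(24)), m1, m2)
    print("full MD5 digests still differ:", md5_hex(m1) != md5_hex(m2))
    sample = [md5_userpassword(b"constructed-password"), "{SSHA256}constructed-placeholder"]
    print("weak-scheme entries:", audit_userpasswords(sample))
```

The truncated search models an ideal 24-bit hash, so it finds a collision after a few thousand MD5 calls; the point is the scaling, since the same generic attack against the full 128-bit digest would need about 2^64 calls, and the cryptanalytic results cited above push the cost far below even that.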
The Unofficial Home Page for MD5 has several links for further information.
More Information
There might be more information for this subject on one of the following:
- Authentication Password Syntax
- CRAM-MD5 SASL Mechanism
- Derive the Master Secret
- Glossary Of LDAP And Directory Terminology
- Known Cipher Suites
- Master Secret
- Password Storage Scheme
- RFC 1321
- RFC 6151
- Secure Hash Algorithm
- Security Support Provider Interface
- Simple Password
- TLS 1.3