MD5 is a one-way Message Digest Cryptographic Hash Function developed by Professor Ronald L. Rivest defined in RFC 1321.

MD5 can be used to encode a value of an arbitrary length into a 128-bit value that cannot be reversed to determine the original clear text.

MD5 is commonly used as a mechanism for checksumming data, and it is also commonly used for encoding passwords and other sensitive information.

MD5 is Cryptographically Weak[2]#

Susceptibility of MD5 to collision attacks, in which the two different message inputs generate precisely the same cryptographic hash. (Cryptographic Collision) Because MD5 is a 128-bit function, cryptographers once expected to find a Cryptographic Collision after completing 264 computations. A phenomenon known as the birthday Paradox reduces the number of bits of security of a given function by one half.

Weaknesses in MD5, however, reduce the requirement to just 215 (or 32,768) for a collision or 239 for more powerful chosen-prefix collisions, in which an attacker can choose different message inputs and add values that result in them having the same hash value.

These discoveries do not directly impact the security of the way that the MD5 algorithm is used, but nevertheless it may be wise to use a stronger mechanism like the Secure Hash Algorithm.

The Unofficial Home Page for MD5 has several links for further information.

More Information#

There might be more information for this subject on one of the following: