<meta charset="UTF-8">
<meta name="robots" content="noindex,nofollow" />
<link rel="shortcut icon" type="image/x-icon" href="/wiki/images/favicon.ico" />
<link rel="icon" type="image/x-icon" href="/wiki/images/favicon.ico" />

<pre>
!!! Overview
MD5 is a one-way [Message Digest|Message-Digest] [Cryptographic Hash Function] developed by [Professor Ronald L. Rivest|http://en.wikipedia.org/wiki/Ronald_L._Rivest] defined in [RFC 1321|https://opends.dev.java.net/public/standards/rfc1321.txt]. 

[{$pagename}] can be used to encode a value of an arbitrary length into a 128-bit value that cannot be reversed to determine the original clear text.  

[{$pagename}] is commonly used as a mechanism for checksumming data, and it is also commonly used for encoding passwords and other sensitive information.


%%warning
[{$pagename}] is [Cryptographically Weak]
%%

!! [{$pagename}] is [Cryptographically Weak][2]
Susceptibility of MD5 to collision [attacks], in which the two different message inputs generate precisely the same cryptographic hash. ([Cryptographic Collision]) Because [{$pagename}] is a 128-bit function, cryptographers once expected to find a [Cryptographic Collision] after completing 264 computations. A phenomenon known as the [birthday Paradox] reduces the number of bits of security of a given function by one half. 

Weaknesses in [{$pagename}], however, reduce the requirement to just 215 (or 32,768) for a collision or 239 for more powerful chosen-prefix collisions, in which an attacker can choose different message inputs and add values that result in them having the same hash value.

These discoveries do not directly impact the security of the way that the [{$pagename}] algorithm is used, but nevertheless it may be wise to use a stronger mechanism like the [Secure Hash Algorithm].

The [Unofficial Home Page for MD5|http://userpages.umbc.edu/~mabzug1/cs/md5/md5.html] has several links for further information.

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [MD5|https://en.wikipedia.org/wiki/MD5|target='_blank'] - based on 2013-04-10
* [#2] - [Fatally weak MD5 function torpedoes crypto protections in HTTPS and IPSEC|http://arstechnica.com/security/2016/01/fatally-weak-md5-function-torpedoes-crypto-protections-in-https-and-ipsec//|target='_blank'] - based on information obtained 2016-01-07
</pre>