Review of the MD5 algorithm
Encrypt and decrypt the MD5 hash code
Sometimes it happens that you do not remember the code to the front door, and standing there, waiting for that one memory is better than yours. They say the best memory of the scientists. They still remembering the days when they were for new knowledge burned with a hot iron heel. So they came up with such a terrible thing as MD5 decryption. And the most interesting before they managed it and even encrypt!
MD5 what is it?
MD5 is one of hash algorithms 128-bit basis. By hashing the input conversion understood by a particular algorithm to a bit string of a certain length. At the same time resulting in the result of the calculation is represented in hexadecimal. It’s called a hash, or hash sum hash code.
Hashing process is widely used in programming and web industry. Basically, to create unique values in an associative array identifiers.
Scope of hashes:
- Storing passwords in the databases of security data
- In the framework of modern cryptography to create a line of unique keys
- Creation of electronic signatures
- Verification of authenticity and integrity of the computer file system elements
MD5 hashing as a standard was developed in 1991 to create a unique hash code of the specified value and then verify its authenticity.
md5sum utility for MD5 hashing algorithm specified for the data file, returns a string. It consists of 32 numbers in hexadecimal (016f8e458c8f89ef75fa7a78265a0025).
That is, the hash received from the function, which is based on this algorithm, gives out a string of 16 bytes (128) bits. And this line includes 16 hexadecimal numbers. The change in at least one of its lead character to the subsequent irrevocable change the values of all other strings of bits:
MD5 cryptographic resistance
It would seem that such a characterization MD5 should provide a 100% guarantee of invulnerability and preserving data. But even this was not enough. In the course of the research scientists had identified a number of gaps and vulnerabilities in the already released at the time the algorithm. The main reason for the weak MD5 security is relatively easy to find collisions for encryption.
Under collision realize the possibility of obtaining the same result computing a hash function for different input values.
Simply put, the greater the probability of finding a collision, the reliability of the algorithm used below. The probability of finding collisions in the encryption more secure hash functions practically reduced to 0.
That is a high probability of decoding MD5 passwords is a major reason for not using this algorithm. Many cryptology (data encryption experts) MD5 bind low reliability with a small length of the resulting hash.
Scope hashing algorithm:
- Checking the integrity of files received via the Internet – many installation
packages are provided with a hash code. During application, the activation value is compared with a value located in the data base developer - Search in the file system of duplicate files – files each provided with its
hash code. Special application scans the computer’s file system, comparing the hashes of all the elements. When a match is found the utility notifies the user or removes duplicate. - For hashing passwords – in the family of UNIX operating systems, each user
the system has a unique password, which is used to protect the MD5 hashing on the basis of. Some systems based on Linux also use this password encryption method.
decoding means or MD5 decryption
MD5 decoding means
Sometimes, when working with a computer or corrupted databases to decode encrypted using an MD5 hash value.
The preferred use of specialized resources, providing the opportunity to do it online.
An example of this service is http://decrypthash.com/en/ – this service has a simple and intuitive interface. For decoded values you need to enter the hash md5 and fill in the captcha verification.
Create MD5 hash is a one-way process. Therefore, no reverse decoding means the initial value.
Security Essentials using MD5
This coding standard is one of the most common methods of protection of data not only in the application, but in web programming. So do not be superfluous to secure their md5 hash of intentional tampering.
The main way to guarantee the security of the hash of your password is to use the “salt.” It is based on the addition to the password a few random characters and then hashing the result.
In many programming languages that are used for special classes and functions. Are no exception to the rule and server programming languages.
Create MD5 hash code in php, you can use several functions:
- md5 () – as one of the parameters is set to “salts”;md5 () – as one of the parameters is set to “salts”;
- crypt () – in contrast to the previous, this function fully automates the entire process
including salts and generation value.
The syntax is:
string crypt (string $ str [, string $ salt])
Example of use:
$ Hash = crypt ( ‘password’)
When used in PHP to set values of salt md5 () function uses methods of generating random numbers. For example, rand ():
<? Php
$ Pass = ‘admin’;
function salt () {
$ S = ”;
$ Length = rand (7,12); // Salt length
for ($ i = 0; $ i <$ length; $ i ++) {
. $ S = chr (rand (33,126)); // random character from the ASCII table
}
return $ s;
}
echo md5 (md5 ($ pass) .salt ());
?>
In addition to the use of “salt” has been developed several methods for protecting an MD5 hash:
MD5 (Unix) – given the initial value of the hashing loop passes around 1000
time;
MD5 (HMAC) – this method is based on the use of a special hashing
key;
MD5 (Base64) – resulting hash again encoded using Base64 algorithm.
The article presents only an introduction to the security of the hash obtained with this algorithm. The simplest and most effective of these is the use of unique value “salt”, which allows to “annoy” the attacker and “sweeten” life owner crack passwords.