MD5 Tutorial

Discussion in 'Engineering Concepts' started by pradeep, May 24, 2005.

  1. pradeep

    pradeep Team Leader

    Joined:
    Apr 4, 2005
    Messages:
    1,645
    Likes Received:
    87
    Trophy Points:
    0
    Occupation:
    Programmer
    Location:
    Kolkata, India
    Home Page:
    http://blog.pradeep.net.in

    What is MD5 or MD5sum?



    Its a formula - a way to take a message of an arbitrary length, and create a 128-bit "fingerprint" or "message digest" of the message. MD5 is a way to verify data integrity. On these forums, it comes up fairly often in discussions about storing user passwords and other sensitive data.

    Is MD5 encryption?



    No. It is simply a one-way fingerprint of the message. It doesn't include the original message, and you can't (generally) use the fingerprint (the md5sum) to 'figure out' the original message.

    Okay, so you take a message - like a password - and generate an MD5sum from it.. Can't you brute-force that?

    Like any password system, you could attempt to brute force the answer. However, MD5sum's are in a 128-bit space, meaning that to brute force it would take 2^128 attempts - thats over 3 with 38 zeroes after it.

    Neat! Thats a lot. Are there any flaws in the algorithm that could speed it up?

    A birthday attack is based on the theory that there *might* be *one* md5sum that matches multiple inputs. In theory, it is possible that a "birthday" attack could be possible - two md5sum hashes could be the same. But even then, the total number of brute forces is at 2^64 attempts - still a heck of a lot.

    Okay. But couldn't (insert super-sneaky government agency here) build an md5 dictionary, and know what the password was with the md5?

    Yes. Its entirely possible. However - it would take some work to do so. For example, just for a dictionary consisting of Alphabet letters (upper and lower), and numbers, there would be 46,656,000,000 entries - all at 32 characters each. Thats over 1 terabyte of data to store and search! It could be done - absolutely. But is it likely?

    So its hard to brute force, what about dictionary attacks?

    Dictionary attacks are a way of attacking poor passwords - most people use words in their passwords. If you can guess the word - for example, "love", then you can cut down the number of tries it would take. Of course if you guess right, then your # of attacks = 1. However, in general, using common computers as of the writing of this (2005), you can generally get roughly 5 million attacks per second, or fast enough to guess all 8-character Alphanumericals within 497 days.

    Thats pretty strong - but is there anything stronger?



    A similar method is SHA1 - a more secure 160-bit hashing algorithm. That makes it *much* more secure against brute-force, birthday attacks, and other forms of assault. There are yet more hashing algorithms that are even stronger - but MD5 and SHA1 are both natively supported in the latest PHP, and should be sufficient for most projects.

    Allright - I'm sold. Tell me how to use it to store passwords and check them

    There are three things we are protecting against - the stored passwords, the transmission of the passwords, and the replay of the password. Each is very different. Lets start with the stored password. We need to take a password, and store it in a variable. Then we need to check that variable against what the user entered:
    PHP:
    $secret_password md5("password");
      
     if (
    md5($_POST['password']) == $secret_password)
     {
         echo 
    "Correct password";
      
     } else {
      
         echo 
    "Incorrect password";
     }
     
    Simple enough. However, the password is being sent cleartext in $_POST['password']. Which brings us to another thing to protect against - the cleartext transmission. Thankfully, there is an opensource (GPL'd) javascript MD5 implementation available online which can be found here. If you use that javascript library to md5 the password before sending it, the server code would look like this instead:
    PHP:
    $secret_password md5("password");
      
     if (
    $_POST['password'] == $secret_password)
     {
         echo 
    "Correct password";
      
     } else {
      
         echo 
    "Incorrect password";
     }
     
    Again, fairly simple. However, I mentioned the other problem - replay attacks. If someone could manage to 'sniff' the connection, and capture the md5sum, they could simply use that to login!

    The solution to that can be very complex and involved - the same site for the javascript md5 function goes into great detail discussing how to implement a truly secure solution. It's called a "CHAP" login system, and here is a link to his page on it - including complete working PHP and javascript code to implement it.

    MD5 is a very useful means to protect user's passwords online - if used correctly. Its not encryption, but it does help prevent whole databases of passwords being compromised.
     
  2. AhmedHan

    AhmedHan New Member

    Joined:
    Oct 11, 2005
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    0
    Home Page:
    http://www.stirve.com
    Thanks for the splendid info.

    Do you know if there is any Win32 API or some stuff like that that generates MD5 code. I mean, I am looking for a function which is corresponding to the MD5() function of PHP, for using in C++. A DLL would be nice.
     
  3. shabbir

    shabbir Administrator Staff Member

    Joined:
    Jul 12, 2004
    Messages:
    15,375
    Likes Received:
    388
    Trophy Points:
    83
    In dot net you can use the Cryptography interface to do it for you but in Win32 if you use the dotnet compiler the SDK can help you out but probably need the 3rd party DLL or Some SDK

    Here is the MSDN link for the same MD5
     
  4. Becksbox

    Becksbox New Member

    Joined:
    Dec 11, 2006
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    0
    Hi

    Is it somehow possible to reverse engineer md5 hashes ?
    I mean, i just found http://md5.rednoize.com and i wondered how this site works.
     
  5. AhmedHan

    AhmedHan New Member

    Joined:
    Oct 11, 2005
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    0
    Home Page:
    http://www.stirve.com
  6. pradeep

    pradeep Team Leader

    Joined:
    Apr 4, 2005
    Messages:
    1,645
    Likes Received:
    87
    Trophy Points:
    0
    Occupation:
    Programmer
    Location:
    Kolkata, India
    Home Page:
    http://blog.pradeep.net.in
    Its not possible to reverse engineer MD5 hashes, but what you can do is, make a database of of MD5 hashes and their corresponding words,and when you want to lookup what the hash orginally was generated from, just lookup the hash with the database to get the corresponding word.
    But its not feasible to create a database of all possible strings.
     
  7. ReekenX

    ReekenX New Member

    Joined:
    Jan 19, 2007
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Occupation:
    Developer
    Home Page:
    http://www.jarmalavicius.lt
    Thanks. But I md5 is not safe in my opinion. It is possible that two or more words hashed will have the same value of md5?
     
    Last edited: Jan 21, 2008
  8. pradeep

    pradeep Team Leader

    Joined:
    Apr 4, 2005
    Messages:
    1,645
    Likes Received:
    87
    Trophy Points:
    0
    Occupation:
    Programmer
    Location:
    Kolkata, India
    Home Page:
    http://blog.pradeep.net.in
    The probability of a collision is negligible.
     
  9. kush_2207

    kush_2207 New Member

    Joined:
    Jun 26, 2007
    Messages:
    49
    Likes Received:
    1
    Trophy Points:
    0
    Rainbow attacks have become the major threat for md5 and is put to use to crack md5 hashes....md5 would be gone in few years...SHA-1 and SHA-256 (its successor) would be put into practice more often....
     
  10. AhmedHan

    AhmedHan New Member

    Joined:
    Oct 11, 2005
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    0
    Home Page:
    http://www.stirve.com
    What is a rainbow attack?
     
  11. kush_2207

    kush_2207 New Member

    Joined:
    Jun 26, 2007
    Messages:
    49
    Likes Received:
    1
    Trophy Points:
    0
    Rainbow tables store all the predetermined hashed along with the corresponding text.....They signify the trade-off between memory and performance.....
    Rainbow tables are of 50-100 GiB (Depending on the amount of information it stores) and can help you find the plaintext of the hash within seconds....
    Link -> http://www.antsight.com/zsl/rainbowcrack/ This will give you a better idea....You can google it and find alot.
    Comments as always welcomed.
     
  12. pradeep

    pradeep Team Leader

    Joined:
    Apr 4, 2005
    Messages:
    1,645
    Likes Received:
    87
    Trophy Points:
    0
    Occupation:
    Programmer
    Location:
    Kolkata, India
    Home Page:
    http://blog.pradeep.net.in
    Yeah! That's right!
     
  13. AhmedHan

    AhmedHan New Member

    Joined:
    Oct 11, 2005
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    0
    Home Page:
    http://www.stirve.com
    I knew that method, but I didn't know its name was "rainbow attack".
    You say 50-100 GB but I heard that the tables had sizes which are in units of TB, and only a few supercomputers in the world have it.
     
  14. pradeep

    pradeep Team Leader

    Joined:
    Apr 4, 2005
    Messages:
    1,645
    Likes Received:
    87
    Trophy Points:
    0
    Occupation:
    Programmer
    Location:
    Kolkata, India
    Home Page:
    http://blog.pradeep.net.in
    No, servers these days support TB of storage. All major RDBMS's support data files in TB!
     
  15. codestorm

    codestorm New Member

    Joined:
    May 20, 2008
    Messages:
    31
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    India
    I think MD5 has been succeeded by SHA1, what say?
     
  16. blacklight332

    blacklight332 New Member

    Joined:
    Feb 28, 2009
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    0
    A lot of people use PHP for md5(), and when they use a C++ implementation it doesn't always return the same hash.

    This implementation's hashes match that of php:
     
  17. shabbir

    shabbir Administrator Staff Member

    Joined:
    Jul 12, 2004
    Messages:
    15,375
    Likes Received:
    388
    Trophy Points:
    83
    You mean the link in the signature?
     
  18. Lulugreen

    Lulugreen New Member

    Joined:
    May 23, 2011
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    0
    The MD5 Tutorial is very detailed. I am looking for some guide about MD5. Today i am happy that I find it in this forum. Thanks!
     

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice