MD5 ALGORITHM

By

Akshay Sharma (08IT000366)

Riddhi Surana (08IT000375)

Swapnil Bhatnagar (08IT000379)

DEPARTMENT OF

COMPUTER SCIENCE AND ENGINEERING

SIR PADAMPAT SINGHANIA UNIVERSITY UDAIPUR

SESSION 2010-2011
 CERTIFICATE

This is to certify that Mr. Akshay Sharma, Ms. Riddhi Surana and Mr. Swapnil Bhatnagar
the students of B.Tech(Information Technology) Sixth(VIth) Semester have submitted their
Seminar entitled “MD5 Encryption” under my guidance.

Mr. Avinash Panwar

(Guide)
 CERTIFICATE OF COMPLETION

This is to certify that Mr. Akshay Sharma, Ms. Riddhi Surana and Mr. Swapnil Bhatnagar
the students of B.Tech(Information Technology) Sixth(VIth) Semester have presented and have
successfully completed their Seminar entitled “MD5 Encryption” in the presence of
undersigned dignitaries.

Mr. Arun Kumar Other Evaluators

(H.O.D)
 ACKNOWLEDGEMENT

It is our profound privilege to express deep sense of gratitude towards our institute Sir
Padampat Singhania University, Udaipur. We would also like to thank Prof. P.C. Deka, Vice –
Chancellor (SPSU); Prof. Arun Kumar, H.O.D (CSE/IT) for having permitted us to carry out this
project work; immense pleasure in thanking Mr. Deepak Gour and Mr. Sandeep Chourasia,
major seminar in charge for their encouragement and their appreciation.

We wish to extend our gratitude in all sincerity to our internal guide, Mr. Avinash Panwar and
other faculties for their able guidance and useful suggestions, which helped us in completing
the report work, in time.

Finally, yet importantly, we would like to express our heartfelt thanks to our beloved parents
for their blessings, our friends, classmates for their help and wishes for successful completion
of this report.

Akshay Sharma Riddhi Surana Swapnil Bhatnagar

08IT000366 08IT000375 08IT000379

Sem-VIth (IT) Sem-VIth (IT) Sem-VIth (IT)

 ABSTRACT

MD5 or Message-Digest algorithm 5 is a type of cryptographic hash function that is

generally used together with a 128-bit hash value. It is commonly expressed as 32-digit
hexadecimal number. The Message-Digest (MD) algorithm 5 Professor was created and
developed by Ronald L. Rivest from MIT, which is the third version of Message Digest (The
previous encryptions of this category were the MD2 and MD4) and quite similar to MD5 with
respect to structure.

Previously to MD5, MD2 and MD4 were developed; in which MD2 was developed for 8-bit
processors whereas MD4 was not used at a large scale due to lack of security and MD4 &
MD5 were optimized for 32-bit processors which are widely used in different sectors today.
Message-Digest Algorithm 4 holds a good capability but was not at all good with respect to
security issues. MD5 was developed to enhance the security feature of the algorithm.
However, in 1996, it was discovered that MD5 was also vulnerable to some attacks; though it
was not as severe but it sent a message for a better replacement of the algorithm. Thus, MD5
is not used in some fields of applications like SSL or digital signatures that rely on this
property.

Rivest produced this product for the purpose of using MD5 with digital signature
applications. A Digital signature program includes compression of large-sized files using
safest method possible before it undergoes encryption using a password, which is under a
public key cryptosystem.

Today, MD5 algorithm is widely used in the process of assessing the authenticity of certain
files. The procedure of verification occurs in such a way that a 128-bit-message-digest of any
length is formed based on a primary data input. This is considered to be exclusive to just a
single data and it acts as an individual fingerprint as well. MD5 has been widely used in the
software world to provide some assurance that a transferred file has arrived. But now days, it
is quite easy to generate MD5 collisions, and so far, it is possible for the person who created
the file to create a second file with the same checksum, so the file can be protected against
some forms of malicious tampering.
MESSAGE-DIGEST

ALGORITHM 5
 TABLE OF CONTENTS

TITLE

1. Introduction
2. History of MD5
3. Hash Functions
4. MD5 hashes
5. Visual Examples
6. Cryptography
7. Different Cryptographic Hash Functions
8. MD5 – The Algorithm
9. PHP Syntax
10. Applications of MD5 algorithm
11. How to use MD5 Hash to check the Integrity of Files?
12. Validity check in UNIX
13. Why is MD5 still used widely?
14. Performance of MD5
15. Difference between MD5 and its predecessors
16. Limitations
a. Vulnerabilities
 Collision vulnerabilities
 Pre-image vulnerability
 Other vulnerabilities

Conclusions

List of Symbols and Abbreviations

References
Introduction
MD5 encryption is always mentioned
when we discuss over the topic of
Cryptography. MD stands for „Message
– Digest‟ and describes a mathematical
function that takes into account a
variable length string for processing.
The number 5 at the end simply
signifies that MD5 was the successor to
MD4.
Message-Digest algorithm 5, more
commonly known as MD5, is a type of
cryptographic hash function that is
generally used together with a 128-bit
hash value. MD5 is greatly utilized in
different security functions as
identified in the standard Internet
Engineering Task Force (IETF).
According to the experts, MD5 hash is
commonly expressed as 32-digit
hexadecimal number.
MD5 was created and developed by
Prof. Ronald L. Rivest of MIT, which is
the third in this series of message
digests. The other two encryptions
were the MD2 and MD4 and these
were quite the same with MD5 with
respect to their structure. However,
MD2 was more preferred on machines
that run in 8-bit while the two more
recent algorithms (MD4 and MD5)
were designed to work on 32-bit-type
of computers.
The most common use of MD5 is to
validate the authenticity of any file.
Rivest developed MD5 with a view to
use it widely in digital signature
applications. Digital signature
programs involve with the function of
compressing large-sized files using a
safe method before encryption (using
a password), which is under a public
key Cryptosystem.
It is a very rare sight when any
cryptographic algorithm has been
proved to be perfect. Algorithms are
examined as well as tested very
carefully by the cryptographers but
only a few stands the test of time. The
MD5 Algorithm is also not perfect
because MD5 too has some problems.
It was proposed that, to produce two
messages which have the same
Message Digest is computationally
infeasible. But, unfortunately, it led to
the problems concerning Multi-
collision attacks. Collisions have been
yielded for several one-way hash
algorithms. Of these, MD5 is the most
problematic due to its heavy
deployment. It largely affected, HMAC
and Digital Signatures within Digital
Rights Management (DRM) Systems.
Nevertheless, MD5 has been around
for years and still provides some
decent level of security for certain
things, it is commonly used to store
passwords in databases since MD5
cannot be reversed, passwords are
consider secure and safe if they are
stored in this format.
The word “Message-Digest” here implies
a unique identification or a fingerprint
of a file. Since any small change in the
file can change its hash string, so it is
most commonly used in checking the
integrity of the file. The MD5 algorithm
is designed to be quite fast on 32-bit
machines. In addition, the MD5
algorithm does not require any large
substituting tables; the Algorithm can
be coded quite compactly.
MD5 is somewhat slower than that of
MD4 algorithm, but is more securely
and conservatively designed.
History of MD5
MD5 is an algorithm developed by
Professor Ronald Rivest of MIT
University in the series of Message-
Digest Algorithms. When statistics and
analytics indicated that the
predecessor of MD5, i.e. MD4
algorithm is quite insecure and
vulnerable, MD5 was designed in
1991 to be more securable and
conservative replacement against
attacks.
In 1993, Dan Boer and Bosselaers were
succeeded partially in finding that two
different initialization vectors produce
an identical digest.
In 1996, Dobbertin announced a
collision of compression function of
MD5 algorithm. This was actually not
an attack over the whole MD5 function
but it suggested considering any
better cryptographic replacement for
use.
Hash-function
A hash function is any well-defined
function which converts large amount
of data into a small data
representation.
The Hash Function returns a calculated
value known as hash values, hash
For example, MD5 ("The quick brown
fox jumps over the lazy dog") =
9e107d9d372bb6826bd81d3542a419d
6
On March 18th, 2006, Klima published
an algorithm which was capable of
finding collision in MD5 on a single
notebook computer, using a method
particularly known as Tunnelling.
In 2008, United States Cyber
Command used a MD5 hash of their
mission statement as a part of their
official emblem.
On December 24th, 2010, Tao Xie and
Dengguo Feng announced the first
published single-block MD5 collision
(two 64-byte messages with same
MD5 hash). Previous collision
discoveries relied on multi-block
attacks. Xie and Fend, for some
reasons didn‟t disclose the new attack
method. They have challenged the
Cryptographic community of $10,000
for the one who finds any other 64-
byte collision method before January
1st, 2013.
codes, hash sums, checksums or hashes.
Hash functions are most commonly
used for searching the data or for tasks
like comparison, finding items in large
databases, detecting similar or
duplicate records in large files, etc.
Hash functions are also used in hash
tables to quickly locate the data, used
to build cache for large data.
MD5 Hashes
Visual Example of MD5 Hashes:
i. An image demonstrating the MD5 hashes string of an email-id.
The 128-bit or, more specifically, 16-
byte MD5 hashes (also termed
message digests) can be represented in
the form of a sequence of 32 hex digits.
The following demonstrates a 43-byte
ASCII input and the corresponding
MD5 hash:
MD5 ("Sir Padampat Singhania
University") =
3c6923b9e53a2612a2d583091151f3
Even a small change in the message
will (with overwhelming probability)
result in a mostly different hash, due to
the avalanche effect. For example,
adding a period to the end of the
sentence:
MD5 ("Sir Padampat Singhania
University.") =
d07f692567e28abb2b9f947d91b1fc3
The hash of the zero-length string is:
MD5 ("") =
d41d8cd98f00b204e9800998ecf8427e
 ii. An image calculating the MD5 Hash of a string.

Cryptography
Cryptography or cryptology is the used in ATM cards, computer passwords
pattern and study of hiding and electronic commerce.
information or data. Modern
History of cryptography indicates that
cryptography mainly deals with the
it is purely used only for conversion of
field of mathematics, computer science
message (i.e. encryption). [5]The origin
and electrical engineering.
of cryptography probably goes back to
Cryptography applications are mostly
the very beginning of human
existence, as people tried to learn how
to communicate. They consequently
had to find means to guarantee
secrecy as part of their
communications. Howsoever, the first
deliberate use of these kinds of
technical methods may be attributed
to the ancient Greeks, around 6 years
BC: a stick, named "scytale" was used.
The sender would roll a strip of paper
around the stick and write his message
longitudinally on it. He then unfolds
the paper and sends it over to an
addressee. Decrypting the message
without knowledge of the stick‟s width
- acting here as a secret key - was
meant to be impossible. Later, Romans
used Caesar‟s Cipher code to
communicate (a three letter alphabet
shift). Main use of encryption was to
ensure the privacy of the data or
message in communication from spies
or diplomats. In this day‟s this filed
make so much progress with new
techniques like message integrity
checking, sender/receiver identity
authentication, digital signatures,
secure computations etc.
The modern field of cryptography have
lots of area for studying some are like
public-key cryptography which include
the use of asymmetric key algorithms
rather than symmetric key algorithms,
Quantum Cryptography gives the
quantum mechanical effects, Caesar
cipher also known as shift cipher, it is
simplest and widely used encryption
technique. It is like a substitution
cipher in which letter in the text is
replaced by the some fixed numbers.
[2]
Within the context of any application-to-
application communication, there are
some specific security requirements,
including:
 Authentication: The process of
proving one's identity. (The primary
forms of host-to-host
authentication on the Internet
today are name-based or address-
based, both of which are
notoriously weak.)
 Privacy/confidentiality: Ensuring
that no one can read the message
except the intended receiver.
 Integrity: Assuring the receiver that
the received message has not been
altered in any way from the
original.
 Non-repudiation: A mechanism to
prove that the sender really sent
this message.
Different Cryptographic Hash Functions:

Name Length Type

GOST 256 bits Hash

HAS-160 160 bits Hash
HAVAL 128 to 256 bits Hash
MD2 128 bits Hash
MD4 128 bits Hash
MD5 128 bits Hash
RadioGatún Up to 1216 bits Hash
RIPEMD-64 64 bits Hash
RIPEMD-160 160 bits Hash
RIPEMD-320 320 bits Hash
SHA-1 160 bits Hash
SHA-224 224 bits Hash
SHA-256 256 bits Hash
SHA-384 384 bits Hash
SHA-512 512 bits Hash
Skein Arbitrary Hash
Snefru 128 or 256 bits Hash
Tiger 192 bits Hash
Whirlpool 512 bits Hash
FSB 160 to 512 bits Hash
ECOH 224 to 512 bits Hash
SWIFFT 512 bits Hash

Table 1. Different types of Cryptographic Hash Functions

MD5 ALGORITHM
The MD5 algorithm is an extension of MD5 is a block-chained digest
the MD4 message-digest algorithm. algorithm, computed over the data in
phases of 512-byte blocks organized
as little-endian 32-bit words (Figure).
The first block is processed with an
initial seed, resulting in a digest that
becomes the seed for the next block.
When the last block is computed, its
digest is the digest for the entire
stream. This chained seeding prohibits
parallel processing of the blocks.
Let us suppose that we are giving an
input message of b-bit and we want to
find its message digest. Here, b is an
arbitrary integer which can be equal to
greater than zero but no less than
zero.
Therefore, let the bits of the input
message be as follows:
m0 m1 m2 ... m (b-1)
The MD5 Algorithm takes in concern
the following steps to compute the
Message digests of the given input
message.
1. Padding the input message.
The b-bit message is extended or
more specifically “padded”, so that
its length reaches 448 bits, which is
MD5 algorithm uses four rounds, each
applying one of four non-linear
functions to each sixteen 32-bit
segments of a 512-bit block source
text. The result is a 128-bit digest.
Figure 1 is a graph representation that
illustrates the structure of the MD5
algorithm.
64 bits less than a multiple of 512
bits. The padding is performed by
appending a single “1” bit to the input
message, and then “0” bits are
appended so that the length in bits of
the padded message becomes equal
to 448 bits.
2. Append 64-bit number.
Now, the length of the input message
is converted to 64-bit representation
and then it is appended to the
previous result. After this processing,
the resulting message of padded bits
and b, has a length that is an exact
multiple of 512 bits. Also, this message
has a length that is an exact multiple of
16 (32-bit) words. Thus, m [0 ... n-1]
denote the words of the resulting
message; where n is a multiple of 16.
3. Message-Digest Buffer is initialized.
A 4-word buffer (A, B, C and D) is used
to compute the message digest. Here,
each of A, B, C, D is a 32-bit register.
These registers are initialized to the
following values in hexadecimal:
Word A: 01 23 45 67
Word B: 89 ab cd ef
Word C: fe dc ba 98
Word D: 76 54 32 10
4. Processing of each 16-Word Blocks.
Firstly, four functions are defined that
take as input three 32-bit words and
result in an output of one 32-bit word.
They are as follows:
Where,
Denote the XOR, OR, AND,
and NOT operations respectively.
Here, we will also use a 64-element
table T [1 ... 64] constructed from the
Sine function. Let T[i] denote the i th
element of the table, which is equal to
the integer part of 4294967296 times
abs (sin (i)), where I is in radians.
5. Output.
The message digest produced as
output is A, B, C and D. That is, we
begin with the low-order byte of A,
and end with the high-order byte of D.
The steps have optimization
limitations, due to the mathematical
properties of the operations used:
 Additions can be reordered by
commutative laws.
 Rotate does not distribute over
addition.
 Addition does not distribute over
rotation or logicals.
The Algorithm
[3][4]
The algorithm takes as input a
message of arbitrary length and
produces as output a 128-bit
"fingerprint" or "message digest" of
the input. It is conjectured that it is
computationally infeasible to produce
two messages having the same
message digest, or to produce any
message having a given pre-specified
target message digest. The MD5
algorithm is intended for digital
signature applications, where a large
file must be "compressed" in a secure
manner before being encrypted with a
private (secret) key under a public-key
cryptosystem such as RSA
FOR I = 0 TO N/16-1 DO //PROCESS EACH 16 -WORD BLOCK.
FOR J = 0 TO 15 DO //COPY BLOCK I INTO X.
SET X[J] TO M [I*16+J].
END //OF LOOP ON J
AA = A //SAVE A AS AA, B AS BB, C AS CC, AND D AS DD.
BB = B
CC = C
DD = D

//LET [ABCD K S I] DENOTE THE OPERATION

//A = B + ((A + F(B, C,D) + X[K] + T[I]) <<< S).

/* THEN PERFORM THE FOLLOWIN G ADDITIONS. (THAT IS INCREMENT EACH OF THE FOUR
REGISTERS BY THE VALUE IT HAD BEFORE THIS BLOCK WAS STARTED.) */
A = A + AA
B = B + BB
C = C + CC
D = D + DD
END

PHP Syntax for generating MD5 Hash

$password = md5 ($password);

PHP Syntax for Login Form

Let's say $_POST ["pass"] is the password they submit and $real_pass is the md5 from
your database.

if (md5($_POST["pass"] == $real_pass)

// Password correct
 // Set cookies, redirect, display page
else
// Password incorrect
// Redirect, show Error
Applications of MD5
Message-Digest is widely used in
different softwares to provide some
assurance that a transferred file has
arrived intact.
For example, some File Servers
provide a pre-computed MD5 (called
MD5sum) checksum for their files, so
that one can compare the checksum or
hash string of the downloaded file with
it. The Unix-based operating systems
(viz. Debian, Ubuntu, etc.) include MD5
sum utilities in their distribution
packages, whereas Windows users
need to use third-party applications for
generating a hash string.
Protection from tampering- Suppose
we have released a program or
software and is freely distributed
among the people. But, if someone
who want to tamper the application,
will add a malware onto the software
program. Now, if we take an MD5
checksum of the original program and
then compare it with the MD5
checksum of the downloaded version.
If it matches that means the file is safe
otherwise it means that the software or
the program has been tampered.
However, now it is quite easy to
generate MD5 collisions. Now, the
person who created the file can give a
checksum to second file with the same
checksum, so this technique cannot
protect against some forms of
malicious tampering. Also, in some
cases, the checksum cannot be trusted
(for example, if it was obtained over
the same channel as the downloaded
file), in which case MD5 can only
provide error-checking functionality: it
will recognize a corrupt or incomplete
download, which becomes more likely
when downloading larger files. MD5
can also be used to store passwords.
MD5 technique is also used for
authentication in a number of
protocols. It has also been included as
an encapsulation mechanism in SIPP,
IPv6, and IPv4. A partial list of
protocols or protocol options using
MD5 is as follows:
 SNMP V2
 IPv6 / IPng
 IPng ESH (uses DES)
 IPv4
 SIPP (progenitor of IPng)
How to use MD5 Hash to check the Integrity of Files?
Suppose we have a file called file.tar
on our server. Before we download, we
will be generating an MD5 hash for
this file on the Server. For this purpose,
we will be using the following shell
commands in UNIX.
For UNIX:
 md5sum file.tar
After hitting ENTER key, we‟ll see the
MD5 Hash as below:
Checking for validity
In order to see whether a given file is
valid and correct, we pass the output
of a previous md5sum with the switch
-c. Thus, the following two steps occur:
1. Compute the MD5 sum and store it
in a file using:
md5sum file > file.md5
2. Check for validity with:
md5sum -c file.md5
 OSPF
 RIP-II
 RIPng
 TCP
 SOCKS V5
 WWW's Secure HyperText Transfer
Protocol
 WWW's SimpleMD5
e4d909c290d0fb1ca068ffaddf22cbd
0
This is the MD5 hash string for the file
“file.tar”. After downloading this file
onto the computer, we can cross check
the integrity of the file by re-
generating the MD5 hash string for the
downloaded file. Now, if both the hash
strings match, then this implies that
the downloaded file is correct.
Otherwise it means that the file is
corrupt.
If file is not present, omit the file
parameter from standard input.
It is not possible to compute a
checksum for an entire directory. We
need to recursively check every single
file. There are two alternatives:
1. Use find in conjunction with
md5sum:
find -s directory -type f -print0 | xargs -
0 md5sum >> file.md5
or
find -s directory -type f -exec md5sum {}
\; >> file.md5
This will now store the checksum for all
the files inside the directory into
file.md5. We can now check the copied
directory with respect to this file. Now
go to the location of the copied
directory and issue:
2. md5sum -c /path/to/file.md5
3. We can now install md5deep,
which has a recursive option.
md5deep -rl directory > file.md5
Now go to the location of the copied
directory and issue:
md5sum -c /path/to/file.md5
Why MD5 is still used
widely?
An MD5 exposure is well documented
and it remains distributed in its usage.
MD5 is used as a checksum hash
function because it is very fast and
collision is very low in ratio and if
collision is possible then that is not a
big problem. MD5 is very quick to
create.
MD5 is widely used as a checksum
hash function because it‟s fast and
presents an extremely low collision
ratio. An MD5 checksum is composed
of 32 hexadecimal digits which
together provide a 1 in ~3.42e34 odds
of a collision.
MD5 can be read easily as it is short.
For unskilled tasks MD5 hash is good
enough. For example, if we download
an e-book from a trusted mirror and
want to check whether the file that has
been downloaded is correct or not, we
can do it so by generating the MD5
hash of it. Then compare the hash with
the generated hash of the file. If both
hashes match the e-book is
downloaded correctly and completely.
For cryptography, MD5 is a valid
alternative if security is only a
moderate concern. It's a very viable
option for hashing database passwords
or other fields requiring internal
security for its speed mostly, but also
because MD5 does offer a reasonable
level of security where strong
encryption is not a concern.
MD5 security can be improved by
preserving it.
Figure above Demonstrating the MD5 hashes in Database.
Figure Showing a Windows Application that generates MD5 Hashes to
compare two files.

Figure showing an iMac App. that stores MD5 checksum.

Performance

___________________________________________________________________
Key size/hash size Extrapolated Speed PRB Optimized

(bits) (Kbytes/sec.) (Kbytes/sec.)

__________________________________________________________________________________________

TEA 128 700 -

DES 56 350 7746

Triple-DES 112 120 2842

IDEA 128 700 4469

RSA 512 7 -

SHA 160 750 25162

MD5 128 1740 62425

__________________________________________________________________________________________

Figure. Performance of encryption and secure digest algorithms

The above figure shows the size of the
key or more specifically, size of the
result for some safe and secure digest
functions and the speed of some most
popular encryption algorithms.
proprietary as well as optimized
implementations of the algorithms in
assembly language. As is shown in the
figure, MD5 performs much faster than
all other algorithms in both the cases.

The measurements in the terms of MD5 software currently runs at 85

speed in the figure were taken as
rough estimates of the performance of
the algorithms on a 330 MHz Pentium
II processor in 1999. Another term
“Extrapolated Speed” was based on the
C source code which was published in
1996 with no particular attempt to
optimize the code, whereas the term
“PRB“ figure is the result of a
substantial research effort to produce
Mbps on a 190 Mhz RISC architecture,
a rate that cannot be improved more
than 20-40%. Because MD5 processes
the entire body of a packet, this data
rate is insufficient for current high
bandwidth networks, including HiPPI
and FiberChannel. Further analysis
indicates that a 300 Mhz custom VLSI
CMOS hardware implementation of
MD5 may run as fast as 256 Mbps.
Van Oorschot and Wiener have
considered a brute-force search for
collisions in hash functions, and they
estimate a collision search machine
designed specifically for MD5 (costing
$10 million in 1994) could find a
collision for MD5 in 24 days on
average. Although the computing
Difference between MD5
and its predecessors
1. There were only 3 steps in
calculation of MD4 algorithm. MD5
introduces 2 new steps to increase
security hence more conservative.
2. Each step in MD5 contains a
uniquely defined additive constant.
3. The function g in step#2 was
changed to make g less symmetric.
Limitations of MD5 Algorithm
The security of the MD5 hash function
is somewhat compromised. A collision
attack exists that can find collisions
within seconds on a computer with a
2.6 GHz Pentium4 processor.
Moreover, there is also a chosen-prefix
collision attack that can produce a
collision for two chosen arbitrarily
different inputs within hours, using off-
the-shelf computing hardware
(complexity 239).
These collision attacks have been
demonstrated in public in various
speed of computer has been increased
dramatically in the past decade, which
makes the brute-force search much
faster, MD5 algorithm is still
considered one of the most secure
algorithms available today.
4. Each step now adds in the result of
the previous step. This promotes a
faster "avalanche effect".
5. The order in which input words are
accessed in rounds 2 and 3 is changed,
to make these patterns less like each
other.
6. The shift amounts in each round
have been approximately optimized, to
yield a faster "avalanche effect" The
shifts in different rounds are distinct.
situations, including colliding
document files and digital certificates.
As of 2009 theoretical attack also
breaks MD5's pre-image resistance.
a. Vulnerabilities:
MD5 is a one way function, this implies
that it cannot be reversed. It cannot
practically be bruted force either
because of the length of the key.
However, the most common form of
attack on an MD5 string is a Rainbow
Table attack. This works in a very
similar way to brute force and basically
uses a massive database of MD5
strings with their reversed outputs.
There have also been numerous
demonstrations showing that
different files can generate the same
hash. With these vulnerabilities in
mind, most people are moving away
from MD5 for uses in their
applications, algorithms such as SHA
are more recommended where security
is essential.
Some of the vulnerabilities are as
follows:
 Collision vulnerabilities
In the year 1996, collisions were found
in the compression function of MD5,
and Hans Dobbertin, in the RSA
Laboratories technical newsletter
stated, "The presented attack does not
yet threaten practical applications of
MD5, but it comes rather close. In the
future MD5 should no longer be
implemented, where a collision-
resistant hash function is required."
In 2005, researchers were able to
create pairs of PostScript documents
and X.509 certificates with the same
hash. Later that year, MD5's designer
Ron Rivest wrote, "md5 and sha1 are
both clearly broken (in terms of
collision-resistance)," and RSA
Laboratories wrote that "next-
generation products will need to move
to new algorithms."
On 30 December 2008, a group of
researchers announced at the 25th
Chaos Communication Congress how
they had used MD5 collisions to create
an intermediate certificate authority
certificate which appeared to be
legitimate when checked via its MD5
hash. The researchers used a cluster of
Sony Playstation 3s at the EPFL in
2 Lausanne, Switzerland to change a
normal SSL certificate issued by
RapidSSL into a working CA certificate
for that issuer, which could then be
used to create other certificates that
would appear to be legitimate and
issued by RapidSSL.
Bruce Schneier wrote of the attack that
"We already knew that MD5 is a broken
hash function" and that "no one should
be using MD5 anymore." The SSL
researchers wrote, "Our desired impact
is that Certification Authorities will stop
using MD5 in issuing new certificates.
We also hope that use of MD5 in other
applications will be reconsidered as
well."
MD5 uses the Merkle–Damgård
construction, so if two prefixes with the
same hash can be constructed, a
common suffix can be added to both
to make the collision more likely to be
accepted as valid data by the
application using it. Furthermore,
current collision-finding techniques
allow specifying an arbitrary prefix: an
attacker can create two colliding files
that both begin with the same content.
All the attacker needs to generate two
colliding files is a template file with a
128-byte block of data aligned on a
64-byte boundary that can be changed
freely by the collision-finding
algorithm.
 Pre-image vulnerability
In April 2009, a pre-image attack
against MD5 was published that breaks
MD5's pre-image resistance. This is only
a theoretical attack, with a
computational complexity of 2123.4 for
full pre-image and 2116.9 for a
pseudo-pre-image.
 Other vulnerabilities
A number of projects have published
MD5 rainbow tables online, that can be
used to reverse many MD5 hashes into
CONCLUSIONS
In this report we studied MD5 hash
functions, their properties and many of
its attacks. We demonstrated different
attacks, beginning from the first attack
after a few years of presenting the
MD5 hash function; a brief explanation
of their attacks, and a short phrase of
Klima‟s application for finding a
collision on a simple Notebook. The
division of the range of searching the
numbers gives shorter and more
specific time of searching. The 2
methods of dividing the searching
space, show which of them yields
better results, and concluded the
results of them.
We can conclude that MD5 Algorithm
is widely used cryptographic hash
function and often used in checking file
integrity, saving passwords, generating
hash functions, etc. MD5 was
developed with a view of getting more
secure environment than its
predecessor, MD4. It is the third in its
category of message-digest.
strings that collide with the original
input, usually for the purposes of
password cracking.
The use of MD5 in some websites'
URLs means that search engines such
as Google can also sometimes function
as a limited tool for reverse lookup of
MD5 hashes.
Both these techniques are rendered
ineffective by the use of a sufficiently
long salt.
Previously, MD2 and MD4 were also
developed but MD2 was developed for
8-bit processors while MD4 was not
used at a large scale due to lack of
security. On the other hand, MD4 and
MD5 were developed for 32-bit
processors which are used widely in
different sectors today. Message-
Digest Algorithm 4 holds a good
capability but was not at all good with
respect to security issues. MD5 was
developed to enhance the security
feature of the algorithm. However, in
1996, it was discovered that MD5 was
also vulnerable to some attacks;
though it was not as severe but it sent
a message for a better replacement of
the algorithm. Thus, MD5 is not used
in some fields of applications like SSL
or digital signatures that rely on this
property.
LIST OF SYMBOLS
ABBREVIATIONS
Symbols
Logical XOR Operation
Logical AND Operation
Logical OR Operation 
Logical NOT Operation
Abbreviations
MD – Message Digest Algorithm
WWW – World Wide Web
SHA – Secure Hash Algorithm
SNMP – Simple Network Management
Protocol
HMAC - Hashed
Authentication Code
DRM – Digital Rights Management
AND REFERENCES
[1]. “MD5 Algorithm”
http://en.wikipedia.org/wiki/MD5
[2]. “The purpose of Cryptography”
http://www.garykessler.net/library/cryp
to.html#purpose
[3] “MD5, Message-Digest Algorithm”
http://www.networksorcery.com/enp/d
ata/md5.htm
Rivest, R., "The MD4 Message Digest
Algorithm", RFC 1320, MIT and RSA
Data Security, Inc., April 1992.
[4]. “RFC 1321 - The MD5 Message-
DigestAlgorithm”
http://www.faqs.org/rfcs/rfc1321.html
Message [5]. S. Singh, “History of cryptography”,
Histoire des codes secrets. Jean-Claude
Lattès, 1999.