The full name of md5 is message-digest algorithm 5, which was developed by computer science laboratory of Massachusetts Institute of Technology and ronald l. rivest of rsa data security inc in the early 1990s, and by md2, md3 and md4. Its function is to "compress" a large amount of information into a secure format (that is, convert a byte string of any length into a large integer of a certain length) before signing the private key with digital signature software. No matter md2, md4 or md5, it is necessary to get a random length of information and generate a 128-bit information summary. Although the structures of these algorithms are more or less similar, the design of md2 is completely different from that of md4 and md5, because md2 is optimized for 8-bit computers, while md4 and md5 are designed for 32-bit computers. The descriptions of these three algorithms and the source code of C language are described in detail in the Internet rfcs 132 1(/ set to openly solicit attacks specifically aimed at MD5), which was published on August 17, 2004: "China researchers found the collision of complete MD5 algorithms; Wang, Feng, Lai and Yu announced the collision of several Hash functions: MD5, MD4, HAVAL- 128, RIPEMD- 128. This is the most substantial research progress in the field of cryptography in recent years. Using their technology, MD5 conflicts can be found in a few hours. ..... Because of this landmark discovery, the MD5CRK project will end in the next 48 hours ".

Using hash function, irreversible encryption algorithms widely used in computer networks include MD5 algorithm invented by RSA and secure hash algorithm SHA recommended by American National Institute of Technical Standards.

Application of algorithm

The typical application of MD5 is to generate a message digest for a message to prevent it from being tampered with. For example, under UNIX, many softwares have a file with the same file name and a file extension of .md5 when downloading. In this file, there is usually only one line of text, and the general structure is as follows:

MD5(tanajiya.tar.gz)= 0ca 175 b 9 c 0 f 726 a 83 1d 895 e 26933246 1

This is the digital signature of tanajiya.tar.gz document. MD5 regards the whole file as a big text message, and generates this unique MD5 message digest through its irreversible string transformation algorithm. If in the process of spreading this file in the future, no matter what changes have taken place in the content of the file (including artificial modification or transmission errors caused by unstable lines during downloading, etc.). ), as long as you recalculate the MD5 of this file, you will find that the information summary is different, so you can be sure that you only get an incorrect file. If there is a third-party certification authority, MD5 can also prevent the "denial" of the document author, which is the so-called digital signature application.

MD5 is also widely used in encryption and decryption technology. For example, in a UNIX system, the user's password is encrypted by MD5 (or other similar algorithm) and stored in the file system. When the user logs in, the system calculates the password entered by the user as the MD5 value, and then compares it with the MD5 value saved in the file system to determine whether the entered password is correct. Through such steps, the system can determine the legitimacy of the user's login system without knowing the clear password of the user. This can not only prevent users' passwords from being known by users with system administrator rights, but also increase the difficulty of password cracking to some extent.

It is for this reason that one of the most commonly used methods for hackers to decipher passwords is a method called "running a dictionary". There are two ways to obtain the dictionary, one is the string table used as password collected daily, and the other is generated by permutation and combination. Firstly, the MD5 values of these dictionary items are calculated by MD5 program, and then the MD5 values of the target are found in this dictionary. Let's assume that the maximum length of the password is 8 bytes, the password can only be letters and numbers, ***26+26+ 10=62 characters, and the number of entries in the dictionary is p (62,1)+p (62,2) ...+p (62). This encryption technology is widely used in UNIX systems, which is also an important reason why UNIX systems are more robust than general operating systems.