Current location - Quotes Website - Personality signature - Talk about md5 encryption
Talk about md5 encryption

Category: Computer/Network >> Anti-Virus

Analysis:

1. Who is MD5?

The so-called MD5, that is, "Message-Digest Algorithm 5 (Message-Digest Algorithm)", is a one-way function algorithm (that is, the HASH algorithm) developed from MD2, MD3, and MD4. It was developed by R. Rivest, the first designer of the internationally renowned public key encryption algorithm standard RSA, in the early 1990s. The biggest role of MD5 is to "compress" large-capacity file information in different formats into a confidential format before using digital signature software to sign the private key. The key point is that this "compression" is irreversible.

In order to give readers an intuitive understanding of the application of MD5, the author briefly describes its working process with an analogy and an example:

As we all know, any Everyone has their own unique fingerprint, which often becomes the most trustworthy method for public security agencies to identify criminals; similarly, MD5 can generate an equally unique "digital fingerprint" for any file (regardless of its size, format, or quantity) , if anyone makes any changes to the file, its MD5 value, which is the corresponding "digital fingerprint", will change.

We often see the MD5 value of a certain software in some software download sites. Its function is that after downloading the software, we can use special software (such as Windows MD5 Check, etc.) to do an MD5 check to ensure that the file we obtain is the same file as the file provided by the site. The solution of using MD5 algorithm for file verification is widely used in software download sites, forum databases, system file security, etc.

The example mentioned by the author above is just a basic application of MD5. In fact, MD5 is also used in encryption and decryption technology, such as Unix and various BSD system login passwords (DES was used before the birth of MD5 Encryption algorithm (later DES was eliminated due to the higher security of MD5), communication information encryption (such as the familiar instant messaging software MyIM), digital signature and many other aspects.

2. The path to the demise of MD5

In fact, from the birth of MD5, two cryptography experts named Van Oorschot and Wiener from the United States discovered a violent Functions that search for conflicts, and estimate that "using a machine dedicated to searching for MD5 conflicts will find an average of one conflict every 24 days." However, since this solution only theoretically proved the insecurity of MD5, and the cost of implementation was extremely exaggerated (at that time, it would cost US$1 million to manufacture such a specialized computer), MD5 has not been used for more than ten years since its birth. There is no new version or it has been completely replaced by other algorithms.

In the following days, the "brutal attack" was born in the deciphering of MD5, that is, using the "exhaustive method" to find the original plaintext encrypted by MD5 from all possible results. However, Since MD5 uses a 128-bit encryption method, even if a machine tries 1 billion plaintexts per second, it will take about 10 to the 22nd power of years to decipher the original plaintext. However, a software called "MD5 Explosion Tool" can decipher the original plaintext every second. The calculations performed are only 20,000 times!

Through the efforts of countless MD5 algorithm research experts, various deciphering methods such as "birthday attack" and "differential attack" have been born (for related information, you can refer to the research results), which has greatly promoted the demise of the md5 algorithm. Process. Although the specific implementation method is not mentioned in the research report, we can believe that the technical obstacles have been cleared by the complete breakthrough of md5, and the remaining is only a matter of time and energy. md5crk). The latest research results of several professors at Shandong University have greatly advanced the process of the demise of the MD5 algorithm. Although the specific implementation method is not mentioned in the research report, we can believe that the complete breakthrough of MD5 has eliminated the technology. The remaining obstacles are just a matter of time and energy.