Current location - Quotes Website - Signature design - Weaknesses of MD5
Weaknesses of MD5

At the International Cryptozoology Conference (Crypto'2004) in Santa Barbara, California, USA on August 17, 2004, Professor Wang Xiaoyun from Shandong University in China performed a decryption of MD5, HAVAL-128, MD4 and RIPEMD The algorithm report announced the cracking results of the MD series algorithms. It was announced that the fortress of MD5, the world's most impregnable cryptographic standard, collapsed, triggering an uproar in the cryptography community. (Note: It is not a real crack, it just accelerates the hash collision)

What the world's top cryptographers could not imagine is that after cracking MD5, in February 2005, Professor Wang Xiaoyun cracked another International password SHA-1. Because SHA-1 is more widely used in the United States and other international communities, the news that the password was broken caused a shocking response in the international community. In other words, Wang Xiaoyun's research results show that in theory, electronic signatures can be forged, and restrictions must be added in time, or more secure password standards must be re-selected to ensure the security of e-commerce. The authoritative website of the MD5 cracking project was established to publicly collect attacks specifically targeting MD5. The website announced on August 17, 2004: "Chinese researchers discovered a collision of the complete MD5 algorithm; Wang, Feng, Lai, and Yu announced the MD5 , MD4, HAVAL-128, and RIPEMD-128 collisions of several Hash functions. This is the most substantial research progress in the field of cryptography in recent years. Using their technology, MD5 collisions can be found within a few hours... As a result of this landmark discovery, the MD5CRK project will be concluded within the next 48 hours."

Before August 2004, the international cryptography community was not familiar with the name Wang Xiaoyun. In August 2004, at the International Cryptozoology Conference held in Santa Barbara, California, Professor Wang Xiaoyun, who was not scheduled to speak, approached the chairman of the conference with his research results. Unexpectedly, the discerning chairman of the conference made an exception and gave her 15 Minutes to introduce their results, while usually speakers are only allowed two or three minutes. Wang Xiaoyun and his assistant demonstrated hash collision of MD5, SHA-0 and other related hash functions. The so-called hash collision means that two completely different messages result in exactly the same hash value calculated by a hash function. According to the pigeonhole principle, when a hash function with a length limit is used to calculate a message without a length limit, collisions will inevitably occur. However, computer security experts have always believed that it would take too long to create a collision at will, and it is impossible to happen in actual situations. The discovery of Wang Xiaoyun and others may break this inevitability. In this way, Wang Xiaoyun announced the research results of her and her research team for the first time at an international conference - the deciphering results of four famous cryptographic algorithms such as MD4, MD5, HAVAL-128 and RIPEMD.

When the third result was announced, applause broke out in the venue, and the report had to be interrupted for a while. After the report, all the experts present gave them a long round of applause for their outstanding work, and some scholars even stood up and applauded to show their congratulations and admiration. Due to a version problem, the set of constants used by the author when submitting the conference paper were different from the prior standards. After discovering this problem, Professor Wang Xiaoyun immediately changed the constants and completed the new data analysis in a very short time. This The near-miss episode further proved the convincingness of their paper, the effectiveness of the attack method, and verified the success of the research work.

In August 2005, Wang Xiaoyun, Yao Qizhi, and Yao Qizhi’s wife Yao Chufeng (the person who named Knuth Knuth) jointly proposed the SHA-1 hash function hash collision calculation at the end of the International Cryptozoology Conference. An improved version of the law. This improved version shortens the time to crack SHA-1.

On June 8, 2006, Professor Wang Xiaoyun was awarded the Tan Kah Kee Science Award for Information Technology Science at the 13th Academician Conference of the Chinese Academy of Sciences and the 8th Academician Conference of the Chinese Academy of Engineering for "Cracking the International Universal Hash Function" award.

In 2009, Feng Dengguo and Xie Tao used differential attacks to further reduce the complexity of MD5's collision algorithm from Wang Xiaoyun's 2^42 to 2^21, and in extreme cases can even be reduced to 2^10 . A complexity of just 2^21 means that even on a 2008 computer it would only take a few seconds to find a pair of collisions.

Empty string

MD5("")= d41d8cd98f00b204e9800998ecf8427e

PHP md5() function definition and usage

md5() function Computes the MD5 hash of a string.

The md5() function uses RSA data security, including the MD5 message digest algorithm.

Explanation from RFC 1321 - MD5 message digest algorithm: The MD5 message digest algorithm takes information of any length as an input value and converts it into a 128-bit length "fingerprint information" or "report" "Abstract" value is used to represent this input value, and the converted value is used as the result.

The MD5 algorithm is primarily designed for digital signature applications where larger files are encrypted using a public key in a cryptographic system such as RSA. (done by setting a private key) before compressing in a secure manner.

To calculate the MD5 hash of a file, use the md5_file() function.

Syntax

md5(string,raw)

Parameter description string is required. Specifies the string to be calculated. raw is optional. Specifies hexadecimal or binary output format: TRUE - raw 16-character binary format FALSE - default. 32-character hexadecimal number Technical details

Return value:

Returns the calculated MD5 hash on success, or FALSE on failure.

PHP version:

4+

Change log:

In PHP 5.0, the raw parameter becomes optional.

Example

Output the result of md5():

";echo"TRUE-Raw16characterbinaryformat:".md5($str,TRUE)."
";echo"FALSE-32characterhexnumber:".md5($str)."
";?>

Related articles
  • Is it effective to send a lawyer's letter to WeChat?
  • Dream of calendars
  • Sentences suitable for cancer
  • Wechat personalized signature takes family as the theme.
  • How to investigate if a company falsifies attendance records
  • What issue is Lao Fan next door in when he sings?
  • How to cancel the SMS assistant service?
  • Are there any conditions that tomato novels must meet if they want to sign a contract to write novels?
  • Dear, who can give me some QQ signatures?
  • Xiaomi 1 1 screen size

    • copyright 2024 Quotes Website All rights reserved