What is MD5?

The MD5 is a one-way cryptographic function that used hashing algorithm to produce a 128-bit hash value. It accepts a message of any length as input and returns as output a fixed-length digest value to be used for authenticating the original message.

MD5 is used in many situations wherea potentially long message needs to be processed and/or comparedquickly. The most common application is the creation and verificationof digital signatures. It was designed by well-known cryptographer Ronald Rivest in 1991.

Like most hash functions, MD5 is neither encryption nor encoding. It can be cracked by brute-force attack and suffers from extensive vulnerabilities. It can still be used as a checksum to verify data integrity, but only against unintentional corruption.

The IETF suggests MD5 hashing can still be used for integrity protection, noting "Where the MD5 checksum is used inline with the protocol solely to protect against errors, an MD5 checksum is still an acceptable use." However, itadded that "any application and protocol that employs MD5 for any purpose needs to clearly state the expected security services from their use of MD5".

MD5 is the third message digest algorithm created by Rivest. All three, the others are MD2 and MD4, have similar structures. But MD2 was optimized for 8-bit machines, in comparison with the two later formulas, which are optimized for 32-bit machines.

The MD5 algorithm is an extension of MD4, which the critical review found to be fast, but possibly not absolutely secure. Though, MD5 is not quite as fast as the MD4 algorithm but offered much more assurance of data security. It's still suitable for other non-cryptographic purposes.

How does it work?

The MD5 algorithm first divides the input into blocks of 512 bits, broken down into 16 words composed of 32 bits each. The output from MD5 is a 128-bit message digest value.

MD5 digest in separate stages that process each 512-bit block of data along with the value computed in the preceding stage. The first stage begins with the message digest values initialized using consecutive hexadecimal numerical values. Each stage includes four message digest passes which manipulate values in the current data block and values processed from the previous block. The final value computed from the last block becomes the MD5 digest for that block.

Applications of MD5

MD5 digests have been widely used in the software world to provide some assurance that a transferred file has arrived intact.

MD5 has been used to store a one-way hash of a password, often with key stretching.

It's easy to generate MD5 collisions. So, it's possible for the person who created the file to create a second file with the same checksum, so this technique cannot protect against some forms of malicious tampering. In some cases, the checksum cannot be trusted, in which case MD5 can only provide error-checking functionality. It will recognize a corrupt or incomplete download, which becomes more likely when downloading large files.

MD5 is also used in the field of electronic discovery to provide a unique identifier for each document that is exchanged during the legal discovery process.