Shulou(Shulou.com)06/03 Report--

MD5 algorithm is a kind of hash algorithm, although it can not be regarded as an encryption algorithm in the real sense, it can not be ignored in almost any system. The full name of MD5 algorithm is Message Digest Algorithm 5 (Information Digest algorithm 5), which is an implementation of digital digest algorithm. The length of digest is 128 bits. Because of the typical characteristics of its hash algorithm, it is doomed that he can not accurately restore the plaintext from the ciphertext, so the MD5 algorithm can not be regarded as a real encryption algorithm, but it is generally called an encryption algorithm in many places. Because of its sufficient complexity and irreversibility, it is mainly used to ensure the integrity and consistency of information transmission. He also has the early "not very impressive" generations of MD2, MD3, and MD4 (the early generations were cracked because of insufficient complexity). It is precisely because the MD5 algorithm has such characteristics that it is widely used in the industry, and the mainstream programming languages have their own implementation of MD5.

Most commonly, user passwords in many systems are encrypted using the MD5 encryption algorithm. But big trees are bound to attract fashion, just as windows systems are widely used, security is challenged, and MD5 is no exception. Du Niang will find that there are many websites that provide MD5 cracking, and some even need to charge for cracking services.

But don't worry, at present, the success rate of cracking MD5 and restoring the original data is very low (of course, not to mention the mentally retarded original text like 123456, other crackers can try on their own). This needs to mention the main cracking idea of the current MD5 algorithm, in fact, there is only one core, that is, violent collision (there are two other dictionary methods, rainbow table method are the improvement of violent collision method, the principle is the same), to put it bluntly, it is to use known characters for various abnormal combinations to generate a large number of corresponding libraries of ciphertext and the original text, and then reverse according to the ciphertext to find the corresponding plaintext.

For example, if your plaintext data is abcd1234 (of course it should not be so simple, here is just an example), and the encrypted ciphertext is e19d5cd5af0378da05f63f891c7467af, then the uneasy and kind-hearted person will use the ciphertext e19d5cd5af0378da05f63f891c7467af to provide this kind of cracking tool or service, and query whether the ciphertext corresponds to the plaintext. If so, it means that the ciphertext has been cracked successfully, and then he will log in to your account with the plaintext obtained by "cracking", and the result can be imagined.

Success has entered your territory, but this success is not perfect. Because of the irreversibility of md5, most account login processes can only encrypt the original text entered by the user into MD5 ciphertext and compare it with the ciphertext in the database.

But there is also a catch, because even if the result is not the abcd1234 mentioned above but xxxxx, it is possible to successfully log in to the system with xxxx.

Because although MD5 is irreversible, it is not unique. The so-called cracking here is not to restore the abstract to the original text. Why? Because the fixed 128-bit abstract (that is, encrypted ciphertext) is limited, and the number of original text is infinite, each summary can be obtained by several original texts through Hash. In other words, different original texts may be encrypted to get the same ciphertext. Then take the ciphertext to guess the original text will get multiple results, simply compare the ciphertext, will be considered to be consistent. The reverse is the same. Get the plaintext that may not be right to do other operations, it may not be successful.

To sum up, the low probability of successful cracking of MD5 encryption algorithm is mainly due to the following points:

1) the idea of relying on violent collision means that you need to combine as many characters as possible to form a massive pairing library, which can be used to reverse query plaintext through ciphertext, but there are tens of thousands of characters, and all of them are combined. the possibility exceeds the total number of cells on the earth, and it is estimated that the space added together by all the hard drives cannot be stored now, and the cost can be imagined.

2) at present, all the ones that can be cracked belong to those that have been guessed by the combination, and they are generally shorter or more regular combinations. As long as the longer the length, the more irregular the combination of different types of characters, the lower the probability of cracking, and almost no success.

3) even if the ciphertext is right, the original plaintext is not necessarily right, of course this is the last line of defense, resigned to fate.

In addition, there are no more than two main uses of MD5 at present, one is to encrypt sensitive data such as user passwords that do not need to be restored, and the other is to ensure the integrity and consistency of information transmission. In fact, the second use is the original purpose of his birth.

Here is a brief mention of the second use. Many payment interfaces and data interaction interfaces are based on MD5 to ensure the integrity and consistency of data, that is, it has not been tampered with in the process of network transmission. How to ensure that the data will not be tampered with, can not be done only by MD5, but also need to join hands with other encryption algorithms, please talk about it later.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.