You are on page 1of 16

International Journal of Research Fellow for Engineering

Volume 6, Issue 2

A NEW APPROACH IN ENHANCE SECURITY OF MD5 HASH USING


PRE ENCRYPTION
#1
Mr.Sheo Kumar,
#1
Associate Professor (CSE), IIMT College of Engineering Greater Noida, U.P, India.
#1
a@gmail.com

ABSTRACT INTRODUCTION

The MD5 algorithm is a widely used hash MD5 is one in a series of message digest
function producing a 128-bit hash value. algorithms designed by Professor Ronald
Although MD5 was initially designed to be Rivest of MIT (Rivest, 1992). When analytic
used as a cryptographic hash function, it has work indicated that MD5's predecessor MD4
been found to suffer from extensive was likely to be insecure, Rivest designed
vulnerabilities. It can still be used as a MD5 in 1991 as a secure replacement. (Hans
checksum to verify data integrity, but only Dobbertin did indeed later find weaknesses
against unintentional corruption. Like most in MD4.)In 1993, Den Boer and Bosselaers
hash functions, MD5 is neither encryption gave an early, although limited, result of
nor encoding. It can be reversed by brute- finding a "pseudo-collision" of the MD5
force attack and suffers from extensive compression function; that is, two different
vulnerabilities as detailed in the security initialization vectors that produce an
section below. So this security thread can be identical digest.
overcome threw proposed method of
In 1996, Dobbertin announced a collision of
enhancing MD5 security by using
the compression function of MD5
encryption before hashing.
(Dobbertin, 1996). While this was not an
attack on the full MD5 hash function, it was
Index Terms—MD5, Cryptography, close enough for cryptographers to
Cryptanalysis, Cipher text, RFC, Dual recommend switching to a replacement,
encryption, RSA, Message digest, HMAC- such as SHA-1 or RIPEMD-160.
MD5, X.509, MD5CRK, SHA-1, RIPEMD-
The size of the hash value (128 bits) is small
160.
enough to contemplate a birthday attack.

www.ijrfe.co.in Page 1
International Journal of Research Fellow for Engineering
Volume 6, Issue 2

MD5CRK was a distributed project started emblem.[10] On 24 December 2010, Tao Xie
in March 2004 with the aim of and Dengguo Feng announced the first
demonstrating that MD5 is practically published single-block (512-bit) MD5
[11]
insecure by finding a collision using a collision. (Previous collision discoveries
birthday attack. MD5CRK ended shortly had relied on multi-block attacks.) For
after 17 August 2004, when collisions for "security reasons", Xie and Feng did not
the full MD5 were announced by Xiaoyun disclose the new attack method. They issued
Wang, Dengguo Feng, Xuejia Lai, and a challenge to the cryptographic community,
Hongbo Yu.[4][5] Their analytical attack was offering a US$10,000 reward to the first
reported to take only one hour on an IBM finder of a different 64-byte collision before
p690 cluster.[6] 1 January 2013. Marc Stevens responded to
the challenge and published colliding single-
On 1 March 2005, Arjen Lenstra, Xiaoyun
block messages as well as the construction
Wang, and Benne de Weger demonstrated
algorithm and sources.[12]
construction of two X.509 certificates with
different public keys and the same MD5 2. LITERATURE REVIEW
hash value, a demonstrably practical
collision.[7] The construction included
MD5 digests have been widely used in the
private keys for both public keys. A few
software world to provide some assurance
days later, Vlastimil Klima described an
that a transferred file has arrived intact. For
improved algorithm, able to construct MD5
example, file servers often provide a pre-
collisions in a few hours on a single
computed MD5 (known as md5sum)
notebook computer.[8] On 18 March 2006,
checksum for the files, so that a user can
Klima published an algorithm that could
compare the checksum of the downloaded
find a collision within one minute on a
file to it. Most Unix-based operating
single notebook computer, using a method
systems include MD5 sum utilities in their
he calls tunnelling.[9]
distribution packages; Windows users may
use the included Power Shell function "Get-
Various MD5-related RFC errata have been
File Hash", install a Microsoft utility,[42][43]
published. In 2009, the United States Cyber
or use third-party applications. Android
Command used an MD5 hash value of their
ROMs also use this type of checksum
mission statement as a part of their official

www.ijrfe.co.in Page 2
International Journal of Research Fellow for Engineering
Volume 6, Issue 2

the Bates stamp numbering system that has


been used for decades during the exchange
of paper documents.

A. How MD5 works

2.1 PREPARIG THE INPUT

The MD5 algorithm first divides the input in


blocks of 512 bits each. 64 Bits are inserted
Figure 1.1 at the end of the last block. These 64 bits are
used to record the length of the original
As it is easy to generate MD5 collisions, it is
input. If the last block is less than 512 bits,
possible for the person who created the file
some extra bits are 'padded' to the end.
to create a second file with the same
checksum, so this technique cannot protect Next, each block is divided into 16 words
against some forms of malicious tampering. of 32 bits each. These are denoted as M 0 ...
In some cases, the checksum cannot be M15.
trusted (for example, if it was obtained over
the same channel as the downloaded file), in 2.2 MD5 HELPER FUNCTIONs
which case MD5 can only provide error-
 The buffer
checking functionality: it will recognize a
corrupt or incomplete download, which MD5 uses a buffer that is made up of four
becomes more likely when downloading words that are each 32 bits long. These
larger files. MD5 can be used to store a one- words are called A, B, C and D. They are
way hash of a password, often with key initialized as
[44][45]
stretching. Along with other hash
functions, it is also used in the field of Word A: 01 23 45 67
electronic discovery, in order to provide a Word B: 89 ab cd ef
unique identifier for each document that is Word C: fe dc ba 98
exchanged during the legal discovery Word D: 76 54 32 10
process. This method can be used to replace

www.ijrfe.co.in Page 3
International Journal of Research Fellow for Engineering
Volume 6, Issue 2

 The table involves 16 basic operations. One operation


is illustrated in the figure below.
MD5 further uses a table K that has 64
elements. Element number i is indicated as
Ki. The table is computed beforehand to
speed up the computations. The elements are
computed using the mathematical sin
function:

Ki = abs (sin (i + 1)) * 232

 Four auxiliary functions

In addition MD5 uses four auxiliary


functions that each take as input three 32-bit
The figure 1.2 shows how the auxiliary
words and produce as output one 32-bit
function F is applied to the four buffers (A,
word. They apply the logical operators and,
B, C and D), using message word Mi and
or, not and xor to the input bits.
constant Ki. The item "<<<s" denotes a
F(X, Y, Z) = (X and Y) or (not(X) and binary left shift by s bits.
Z)
G(X, Y, Z) = (X and Z) or (Y and not  The output

(Z))
After all rounds have been performed, the
H(X, Y, Z) = X xor Y xor Z
buffers A, B, C and D contain the MD5
I(X, Y, Z) = Y xor (X or not (Z))
digest of the original input. MD5 processes a
variable-length message into a fixed-length
2.2. PROCESSING THE BLOCK
output of 128 bits. The input message is

The contents of the four buffers (A, B, C broken up into chunks of 512-bit blocks

and D) are now mixed with the words of the (sixteen 32-bit words); the message is

input, using the four auxiliary functions (F, padded so that its length is divisible by 512.

G, H and I). There are four rounds, each The padding works as follows: first a single
bit, 1, is appended to the end of the message.

www.ijrfe.co.in Page 4
International Journal of Research Fellow for Engineering
Volume 6, Issue 2

This is followed by as many zeros as are (complexity 239).[17] The ability to find
required to bring the length of the message collisions has been greatly aided by the use
up to 64 bits fewer than a multiple of 512. of off-the-shelf GPUs. On an NVIDIA
The remaining bits are filled up with 64 bits GeForce 8400GS graphics processor, 16–18
representing the length of the original million hashes per second can be computed.
message, modulo 264.The main MD5 An NVIDIA GeForce 8800 Ultra can
algorithm operates on a 128-bit state, calculate more than 200 million hashes per
divided into four 32-bit words, denoted A, B, second. These hash and collision attacks
C, and D. These are initialized to certain have been demonstrated in the public in
fixed constants. The main algorithm then various situations, including colliding
uses each 512-bit message block in turn to document files and digital certificates. As of
modify the state. The processing of a 2015, MD5 was demonstrated to be still
message block consists of four similar quite widely used, most notably by security
stages, termed rounds; each round is research and antivirus companies.
composed of 16 similar operations based on
3. PROPOSED METHOD
a non-linear function F, modular addition,
and left rotation. Figure 1 illustrates one
So as we can see that there are various
operation within a round. There are four
security threads using MD5 hashing and any
possible functions F; a different one is used
one can break the security of MD5 hashing
in each round:
algorithm using various attacking methods
and can get access to our confidential data.
 Security issues

So here is the proposed method to enhance


The security of the MD5 hash function is
the security of MD5 in which, we can
severely compromised. A collision attack
encrypt the input data of MD5 before
exists that can find collisions within seconds
generation of hash value and when any
on a computer with a 2.6 GHz Pentium 4
attacker make attack on hash code and try to
processor (complexity of 224.1).[16] Further,
decrypt it, then he will find only encrypted
there is also a chosen-prefix collision attack
data only but not the original data for which
that can produce a collision for two inputs
hash code was created using MD5.
with specified prefixes within hours, using
off the shelf computing hardware

www.ijrfe.co.in Page 5
International Journal of Research Fellow for Engineering
Volume 6, Issue 2

This method will work as follow: string q = "qr", Q = "QR";

Step 1: Encrypt the input data before string r = "rq", R = "RQ";

sending to MD5 algorithm by using string s = "st", S = "ST";


following algorithm
string t = "ts", T = "TS";
String str; //this is input data
string u = "uv", U = "UV";
string a = "ab", A = "AB";
string v = "vu", V = "VU";
string b = "ab", B = "AB";
string w = "wx", W = "WX";
string c = "cd", C = "CD";
string x = "xw", X = "XW";
string d = "dc", D = "DC";
string y = "yz", Y = "YZ";
string e = "ef", E = "EF";
string z = "zy", Z = "ZY";
string f = "fe", F = "FE";
string num0 = "01";
string g = "gh", G = "GH";
string num1 = "10";
string h = "hg", H = "HG";
string num2 = "23";
string i = "ij", I = "IJ";
string num3 = "32";
string j = "ji", J = "JI";
string num4 = "45";
string k = "kl", K = "KL";
string num5 = "54";
string l = "lk", L = "LK";
string num6 = "67";
string m = "mn", M = "MN";
string num7 = "76";
string n = "nm", N = "NM";
string num8 = "89";
string o = "op", O = "OP";
string num9 = "98";
string p = "po", P = "PO";
String encrypted = "";

www.ijrfe.co.in Page 6
International Journal of Research Fellow for Engineering
Volume 6, Issue 2

for (int ii = 0; ii < str.Length; ii++) }

start else if (str.Substring(ii, 1) == "C")

if ((str.Substring(ii, 1) == "a")) {

{ encrypted = encrypted + C;

encrypted = encrypted + a; }

} else if (str.Substring(ii, 1) == "d")

else if (str.Substring(ii, 1) == "A") {

{ encrypted = encrypted + d;

encrypted = encrypted + A; }

} else if (str.Substring(ii, 1) == "D")

else if (str.Substring(ii, 1) == "b") {

{ encrypted = encrypted + D;

encrypted = encrypted + b; }

} else if (str.Substring(ii, 1) == "e")

else if (str.Substring(ii, 1) == "B") {

{ encrypted = encrypted + e;

encrypted = encrypted + B; }

} else if (str.Substring(ii, 1) == "E")

else if (str.Substring(ii, 1) == "c") {

{ encrypted = encrypted + E;

encrypted = encrypted + c; }

www.ijrfe.co.in Page 7
International Journal of Research Fellow for Engineering
Volume 6, Issue 2

else if (str.Substring(ii, 1) == "f") {

{ encrypted = encrypted + H;

encrypted = encrypted + f; }

} else if (str.Substring(ii, 1) == "i")

else if (str.Substring(ii, 1) == "F") {

{ encrypted = encrypted + i;

encrypted = encrypted + F; }

} else if (str.Substring(ii, 1) == "I")

else if (str.Substring(ii, 1) == "g") {

{ encrypted = encrypted + I;

encrypted = encrypted + g; }

} else if (str.Substring(ii, 1) == "j")

else if (str.Substring(ii, 1) == "G") {

{ encrypted = encrypted + j;

encrypted = encrypted + G; }

} else if (str.Substring(ii, 1) == "J")

else if (str.Substring(ii, 1) == "h") {

{ encrypted = encrypted + J;

encrypted = encrypted + h; }

} else if (str.Substring(ii, 1) == "k")

else if (str.Substring(ii, 1) == "H") {

www.ijrfe.co.in Page 8
International Journal of Research Fellow for Engineering
Volume 6, Issue 2

encrypted = encrypted + k; }

} else if (str.Substring(ii, 1) == "n")

else if (str.Substring(ii, 1) == "K") {

{ encrypted = encrypted + n;

encrypted = encrypted + K; }

} else if (str.Substring(ii, 1) == "N")

else if (str.Substring(ii, 1) == "l") {

{ encrypted = encrypted + N;

encrypted = encrypted + l; }

} else if (str.Substring(ii, 1) == "o")

else if (str.Substring(ii, 1) == "L") {

{ encrypted = encrypted + o;

encrypted = encrypted + L; }

} else if (str.Substring(ii, 1) == "O")

else if (str.Substring(ii, 1) == "m") {

{ encrypted = encrypted + O;

encrypted = encrypted + m; }

} else if (str.Substring(ii, 1) == "p")

else if (str.Substring(ii, 1) == "M") {

{ encrypted = encrypted + p;

encrypted = encrypted + M; }

www.ijrfe.co.in Page 9
International Journal of Research Fellow for Engineering
Volume 6, Issue 2

else if (str.Substring(ii, 1) == "P") {

{ encrypted = encrypted + s;

encrypted = encrypted + P; }

} else if (str.Substring(ii, 1) == "S")

else if (str.Substring(ii, 1) == "q") {

{ encrypted = encrypted + R;

encrypted = encrypted + q; }

} else if (str.Substring(ii, 1) == "t")

else if (str.Substring(ii, 1) == "Q") {

{ encrypted = encrypted + t;

encrypted = encrypted + Q; }

} else if (str.Substring(ii, 1) == "T")

else if (str.Substring(ii, 1) == "r") {

{ encrypted = encrypted + T;

encrypted = encrypted + r; }

} else if (str.Substring(ii, 1) == "u")

else if (str.Substring(ii, 1) == "R") {

{ encrypted = encrypted + u;

encrypted = encrypted + R; }

} else if (str.Substring(ii, 1) == "U")

else if (str.Substring(ii, 1) == "s") {

www.ijrfe.co.in Page 10
International Journal of Research Fellow for Engineering
Volume 6, Issue 2

encrypted = encrypted + U; }

} else if (str.Substring(ii, 1) == "X")

else if (str.Substring(ii, 1) == "v") {

{ encrypted = encrypted + X;

encrypted = encrypted + v; }

} else if (str.Substring(ii, 1) == "y")

else if (str.Substring(ii, 1) == "V") {

{ encrypted = encrypted + y;

encrypted = encrypted + V; }

} else if (str.Substring(ii, 1) == "Y")

else if (str.Substring(ii, 1) == "w") {

{ encrypted = encrypted + Y;

encrypted = encrypted + w; }

} else if (str.Substring(ii, 1) == "z")

else if (str.Substring(ii, 1) == "W") {

{ encrypted = encrypted + z;

encrypted = encrypted + W; }

} else if (str.Substring(ii, 1) == "Z")

else if (str.Substring(ii, 1) == "x") {

{ encrypted = encrypted + Z;

encrypted = encrypted + x; }

www.ijrfe.co.in Page 11
International Journal of Research Fellow for Engineering
Volume 6, Issue 2

else if (str.Substring(ii, 1) == "0") {

{ encrypted = encrypted + num5;

encrypted = encrypted + num0; }

} else if (str.Substring(ii, 1) == "6")

else if (str.Substring(ii, 1) == "1") {

{ encrypted = encrypted + num6;

encrypted = encrypted + num1; }

} else if (str.Substring (ii, 1) == "7")

else if (str.Substring (ii, 1) == "2") {

{ encrypted = encrypted + num7;

encrypted = encrypted + num2; }

} else if (str.Substring (ii, 1) == "8")

else if (str.Substring (ii, 1) == "3") {

{ encrypted = encrypted + num8;

encrypted = encrypted + num3; }

} else if (str.Substring(ii, 1) == "9")

else if (str.Substring (ii, 1) == "4") {

{ encrypted = encrypted + num9;

encrypted = encrypted + num4; }

} else

else if (str.Substring(ii, 1) == "5") {

www.ijrfe.co.in Page 12
International Journal of Research Fellow for Engineering
Volume 6, Issue 2

encrypted = encrypted + ""; sBuilder.Append (data[i].To String ("x2"));

} **// this convert each digit to hexadecimal

If (encrypted. Length < 64) end

start return sBuilder.ToString ();

Int added value = 0; Now we will get the MD5 hash value of
encrypted input data.
for (int c = 0; c < (64 - encrypted. Length)
- 2; c++) Let's take the following example:

start string str="12"; (input data)

encrypted = encrypted + '*'; Step 1: encrypt the input string '12' by using
proposed algorithm
addedvalue = count;
I. In 1st loop the proposed algorithm
end
will convert first alphabet of input
encrypted = encrypted + addedvalue; string '1' to '10'.
II. Now in same loop the next if
end
condition will be satisfied and the
end for loop inner loop will add '*' and added
value to encrypted string and will
Step 2: Now calculate MD5 hash for this
make it -
encrypted input data

MD5 md5hash=MD5.Create (); byte[]data = 10****************************


md5hash.ComputeHash(Encoding.UTF8.Ge **29
tBytes (encrypted))
Where 29 is the final added value.
StringBuilder builder = new StringBuilder();
III. In 2nd loop the proposed algorithm
for (int i = 0; i < data.Length; i++) will convert second alphabet of input
string '2' to '23' and will upend the
start
previous out with 23.

www.ijrfe.co.in Page 13
International Journal of Research Fellow for Engineering
Volume 6, Issue 2

10**************************** (Sender)
**2923
IV. Now in same loop the next if Plain Encrypte
d Text
condition will be satisfied and the MD5
Text
inner loop will add '*' and added
value to encrypted string and will Proposed Algorithm

make it -
10**************************** Hash Value
Attack
**2923*************12 er (Transmitted to

Where 12 is the final added value in Receiver)

this inner loop. 'Encrypted Text' only, but


V. Now MD5 hash is created for above not the original 'Plain Text'

encrypted output and each byte of


hash is converted to hexadecimal
using string builder. The final output
string will be as follow. ------------------------------------------------------
-----------------------

'847d1ad3be63077192a2e22d9603ac21' (Receiver)
Received Hash Value
VI. This final hash value can be used to
authenticate the data by comparing
(Not Matched)
the string which is generated by
Calculated Hash
encrypting the transmitted data with
Value
same proposed algorithm followed
by hash value generation. Plain Encrypte MD5
The above example can be described by Text d

block diagram as follow: Text

Proposed Algorithm

www.ijrfe.co.in Page 14
International Journal of Research Fellow for Engineering
Volume 6, Issue 2

REFERENCES
------------------------------------------------------
--------------------- 1) R. Rivest, “The MD5 Message-Digest
Algorithm,” RFC 1321, Apr. 1992.

Received Hash Value 2) H. Dobbertin, A. Bosselaers and B.


Preneel, “RIPEMD-160: A Strengthened
(Matched)
Version of RIPEMD, Fast Software
Calculated Hash
Encryption,” LNCS 1039, pp. 71-92,
Value
Springer-Verlag, 1996.

Plain Encrypted MD5 3) W. Stallings, Cryptography and Network


Text Security, 2nd ed., Now York: Prentice-
Text
Hall, 1997.

Proposed Algorithm 4) S. Dominikus, “A hardware


implementation of MD4-family hash
algorithms,” Proc. 9th Int. Conf. on
Figure 2.1
Electronics, Circuits and Systems, vol. 3,
pp. 1143-1146, 2002
4. CONCLUSION
5) .MD5 is faster than SHA-1.Journal Of
Omnifarious-Myth.
Here we can see that hash value can be
cracked by any attacker, so if we follow the 6) William Stalling7, Fourth Edition,
above proposed method, then if the attacker Cryptography and Network Security
will be successful to crack the hash code (Various Hash Algorithms).
then it will be able to get only encrypted 7) F. Chabaud, A. Joux. "Differential
string but not the original data. Hence we Collisions in SHA-0". In Advances in
can enhance the security of MD5 using Cryptology CRYPTO'98, Santa Barbara,
above proposed method. A, Lecture Notes in Computer Science
1462. Springer-Verlag, NY, pp. 56–71,
1998.

www.ijrfe.co.in Page 15
International Journal of Research Fellow for Engineering
Volume 6, Issue 2

8) NIST FIPS PUB 180-1. Oct. 2001.

9) NIST, "Secure Hash Standard (SHS)",


FIPS PUB 180-2, 2002.

10) K. Matusiewicz and J. Pieprzyk "Finding


good differential patterns for attacks on
SHA-1" eprint 2004 Available:
http://eprint. Iacr. Org/2004/364. Pdf.

11) F. Chabaud, A. Joux. "Differential


Collisions in SHA-0". In Advances in
Cryptology CRYPTO'98, Santa Barbara,
A, Lecture Notes in Computer Science
1462. Springer-Verlag, NY, pp. 56–71,
1998.

12) Rivest R L. The MD5 message digest


algorithm [EB/OL]

13) J. Black, M. Cochran, T. Highland: A


Study of the MD5 Attacks: Insights and
Improvements, March 3, 2006

14) M. E. Hellman, H. R. Amirazizi, "A


Cryptanalytic Time - Memory Trade-
Off," IEEE Transactions on Information
Theory, vol. 34-3, pp. 505-512, 198

www.ijrfe.co.in Page 16