You are on page 1of 26

MD5 ALGORITHM

By Akshay Sharma (08IT000366) Riddhi Surana (08IT000375) Swapnil Bhatnagar (08IT000379)

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING SIR PADAMPAT SINGHANIA UNIVERSITY UDAIPUR

SESSION 2010-2011

CERTIFICATE

This is to certify that Mr. Akshay Sharma, Ms. Riddhi Surana and Mr. Swapnil Bhatnagar the students of B.Tech(Information Technology) Sixth(VIth) Semester have submitted their Seminar entitled “MD5 Encryption” under my guidance.

Mr. Avinash Panwar (Guide)

CERTIFICATE OF COMPLETION

This is to certify that Mr. Akshay Sharma, Ms. Riddhi Surana and Mr. Swapnil Bhatnagar the students of B.Tech(Information Technology) Sixth(VIth) Semester have presented and have successfully completed their Seminar entitled “MD5 Encryption” in the presence of undersigned dignitaries.

Mr. Arun Kumar (H.O.D)

Other Evaluators

ACKNOWLEDGEMENT

It is our profound privilege to express deep sense of gratitude towards our institute Sir Padampat Singhania University, Udaipur. We would also like to thank Prof. P.C. Deka, Vice – Chancellor (SPSU); Prof. Arun Kumar, H.O.D (CSE/IT) for having permitted us to carry out this project work; immense pleasure in thanking Mr. Deepak Gour and Mr. Sandeep Chourasia, major seminar in charge for their encouragement and their appreciation. We wish to extend our gratitude in all sincerity to our internal guide, Mr. Avinash Panwar and other faculties for their able guidance and useful suggestions, which helped us in completing the report work, in time. Finally, yet importantly, we would like to express our heartfelt thanks to our beloved parents for their blessings, our friends, classmates for their help and wishes for successful completion of this report.

Akshay Sharma 08IT000366 Sem-VIth (IT)

Riddhi Surana 08IT000375 Sem-VIth (IT)

Swapnil Bhatnagar 08IT000379 Sem-VIth (IT)

ABSTRACT

MD5 or Message-Digest algorithm 5 is a type of cryptographic hash function that is generally used together with a 128-bit hash value. It is commonly expressed as 32-digit hexadecimal number. The Message-Digest (MD) algorithm 5 Professor was created and developed by Ronald L. Rivest from MIT, which is the third version of Message Digest (The previous encryptions of this category were the MD2 and MD4) and quite similar to MD5 with respect to structure.

Previously to MD5, MD2 and MD4 were developed; in which MD2 was developed for 8-bit processors whereas MD4 was not used at a large scale due to lack of security and MD4 & MD5 were optimized for 32-bit processors which are widely used in different sectors today. Message-Digest Algorithm 4 holds a good capability but was not at all good with respect to security issues. MD5 was developed to enhance the security feature of the algorithm. However, in 1996, it was discovered that MD5 was also vulnerable to some attacks; though it was not as severe but it sent a message for a better replacement of the algorithm. Thus, MD5 is not used in some fields of applications like SSL or digital signatures that rely on this property.

Rivest produced this product for the purpose of using MD5 with digital signature applications. A Digital signature program includes compression of large-sized files using safest method possible before it undergoes encryption using a password, which is under a public key cryptosystem.

Today, MD5 algorithm is widely used in the process of assessing the authenticity of certain files. The procedure of verification occurs in such a way that a 128-bit-message-digest of any length is formed based on a primary data input. This is considered to be exclusive to just a single data and it acts as an individual fingerprint as well. MD5 has been widely used in the software world to provide some assurance that a transferred file has arrived. But now days, it is quite easy to generate MD5 collisions, and so far, it is possible for the person who created the file to create a second file with the same checksum, so the file can be protected against some forms of malicious tampering.

MESSAGE-DIGEST ALGORITHM 5

TABLE OF CONTENTS

TITLE

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16.

Introduction History of MD5 Hash Functions MD5 hashes Visual Examples Cryptography Different Cryptographic Hash Functions MD5 – The Algorithm PHP Syntax Applications of MD5 algorithm How to use MD5 Hash to check the Integrity of Files? Validity check in UNIX Why is MD5 still used widely? Performance of MD5 Difference between MD5 and its predecessors Limitations a. Vulnerabilities  Collision vulnerabilities  Pre-image vulnerability  Other vulnerabilities

Conclusions List of Symbols and Abbreviations References

Introduction
MD5 encryption is always mentioned when we discuss over the topic of Cryptography. MD stands for „Message – Digest‟ and describes a mathematical function that takes into account a variable length string for processing. The number 5 at the end simply signifies that MD5 was the successor to MD4. Message-Digest algorithm 5, more commonly known as MD5, is a type of cryptographic hash function that is generally used together with a 128-bit hash value. MD5 is greatly utilized in different security functions as identified in the standard Internet Engineering Task Force (IETF). According to the experts, MD5 hash is commonly expressed as 32-digit hexadecimal number. MD5 was created and developed by Prof. Ronald L. Rivest of MIT, which is the third in this series of message digests. The other two encryptions were the MD2 and MD4 and these were quite the same with MD5 with respect to their structure. However, MD2 was more preferred on machines that run in 8-bit while the two more recent algorithms (MD4 and MD5) were designed to work on 32-bit-type of computers. The most common use of MD5 is to validate the authenticity of any file. Rivest developed MD5 with a view to use it widely in digital signature applications. Digital signature programs involve with the function of

compressing large-sized files using a safe method before encryption (using a password), which is under a public key Cryptosystem. It is a very rare sight when any cryptographic algorithm has been proved to be perfect. Algorithms are examined as well as tested very carefully by the cryptographers but only a few stands the test of time. The MD5 Algorithm is also not perfect because MD5 too has some problems. It was proposed that, to produce two messages which have the same Message Digest is computationally infeasible. But, unfortunately, it led to the problems concerning Multicollision attacks. Collisions have been yielded for several one-way hash algorithms. Of these, MD5 is the most problematic due to its heavy deployment. It largely affected, HMAC and Digital Signatures within Digital Rights Management (DRM) Systems. Nevertheless, MD5 has been around for years and still provides some decent level of security for certain things, it is commonly used to store passwords in databases since MD5 cannot be reversed, passwords are consider secure and safe if they are stored in this format. The word “Message-Digest” here implies a unique identification or a fingerprint of a file. Since any small change in the file can change its hash string, so it is most commonly used in checking the integrity of the file. The MD5 algorithm is designed to be quite fast on 32-bit machines. In addition, the MD5

algorithm does not require any large substituting tables; the Algorithm can be coded quite compactly. MD5 is somewhat slower than that of MD4 algorithm, but is more securely and conservatively designed.

For example, MD5 ("The quick brown fox jumps over the lazy dog") = 9e107d9d372bb6826bd81d3542a419d 6

History of MD5
MD5 is an algorithm developed by Professor Ronald Rivest of MIT University in the series of MessageDigest Algorithms. When statistics and analytics indicated that the predecessor of MD5, i.e. MD4 algorithm is quite insecure and vulnerable, MD5 was designed in 1991 to be more securable and conservative replacement against attacks. In 1993, Dan Boer and Bosselaers were succeeded partially in finding that two different initialization vectors produce an identical digest. In 1996, Dobbertin announced a collision of compression function of MD5 algorithm. This was actually not an attack over the whole MD5 function but it suggested considering any better cryptographic replacement for use. On March 18th, 2006, Klima published an algorithm which was capable of finding collision in MD5 on a single notebook computer, using a method particularly known as Tunnelling. In 2008, United States Cyber Command used a MD5 hash of their mission statement as a part of their official emblem. On December 24th, 2010, Tao Xie and Dengguo Feng announced the first published single-block MD5 collision (two 64-byte messages with same MD5 hash). Previous collision discoveries relied on multi-block attacks. Xie and Fend, for some reasons didn‟t disclose the new attack method. They have challenged the Cryptographic community of $10,000 for the one who finds any other 64byte collision method before January 1st, 2013.

Hash-function
A hash function is any well-defined function which converts large amount of data into a small data representation. The Hash Function returns a calculated value known as hash values, hash codes, hash sums, checksums or hashes. Hash functions are most commonly used for searching the data or for tasks like comparison, finding items in large databases, detecting similar or duplicate records in large files, etc.

Hash functions are also used in hash tables to quickly locate the data, used to build cache for large data.

The 128-bit or, more specifically, 16byte MD5 hashes (also termed message digests) can be represented in the form of a sequence of 32 hex digits. The following demonstrates a 43-byte ASCII input and the corresponding MD5 hash: MD5 ("Sir Padampat Singhania University") = 3c6923b9e53a2612a2d583091151f3 Even a small change in the message will (with overwhelming probability) result in a mostly different hash, due to the avalanche effect. For example, adding a period to the end of the sentence: MD5 ("Sir Padampat Singhania University.") = d07f692567e28abb2b9f947d91b1fc3 The hash of the zero-length string is: MD5 ("") = d41d8cd98f00b204e9800998ecf8427e

MD5 Hashes

Visual Example of MD5 Hashes:

i.

An image demonstrating the MD5 hashes string of an email-id.

ii.

An image calculating the MD5 Hash of a string.

Cryptography
Cryptography or cryptology is the pattern and study of hiding information or data. Modern cryptography mainly deals with the field of mathematics, computer science and electrical engineering. Cryptography applications are mostly used in ATM cards, computer passwords and electronic commerce. History of cryptography indicates that it is purely used only for conversion of message (i.e. encryption). [5]The origin of cryptography probably goes back to the very beginning of human

existence, as people tried to learn how to communicate. They consequently had to find means to guarantee secrecy as part of their communications. Howsoever, the first deliberate use of these kinds of technical methods may be attributed to the ancient Greeks, around 6 years BC: a stick, named "scytale" was used. The sender would roll a strip of paper around the stick and write his message longitudinally on it. He then unfolds the paper and sends it over to an addressee. Decrypting the message without knowledge of the stick‟s width - acting here as a secret key - was meant to be impossible. Later, Romans used Caesar‟s Cipher code to communicate (a three letter alphabet shift). Main use of encryption was to ensure the privacy of the data or message in communication from spies or diplomats. In this day‟s this filed make so much progress with new techniques like message integrity checking, sender/receiver identity authentication, digital signatures, secure computations etc. The modern field of cryptography have lots of area for studying some are like public-key cryptography which include

the use of asymmetric key algorithms rather than symmetric key algorithms, Quantum Cryptography gives the quantum mechanical effects, Caesar cipher also known as shift cipher, it is simplest and widely used encryption technique. It is like a substitution cipher in which letter in the text is replaced by the some fixed numbers.
[2]

Within the context of any application-toapplication communication, there are some specific security requirements, including:

Authentication: The process of proving one's identity. (The primary forms of host-to-host authentication on the Internet today are name-based or addressbased, both of which are notoriously weak.) Privacy/confidentiality: Ensuring that no one can read the message except the intended receiver. Integrity: Assuring the receiver that the received message has not been altered in any way from the original. Non-repudiation: A mechanism to prove that the sender really sent this message.

Different Cryptographic Hash Functions:

Name GOST HAS-160 HAVAL MD2 MD4 MD5 RadioGatún RIPEMD-64 RIPEMD-160 RIPEMD-320 SHA-1 SHA-224 SHA-256 SHA-384 SHA-512 Skein Snefru Tiger Whirlpool FSB ECOH SWIFFT

Length 256 bits 160 bits 128 to 256 bits 128 bits 128 bits 128 bits Up to 1216 bits 64 bits 160 bits 320 bits 160 bits 224 bits 256 bits 384 bits 512 bits Arbitrary 128 or 256 bits 192 bits 512 bits 160 to 512 bits 224 to 512 bits 512 bits

Type Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash

Table 1. Different types of Cryptographic Hash Functions

MD5 ALGORITHM
The MD5 algorithm is an extension of the MD4 message-digest algorithm. MD5 is a block-chained digest algorithm, computed over the data in

phases of 512-byte blocks organized as little-endian 32-bit words (Figure). The first block is processed with an initial seed, resulting in a digest that becomes the seed for the next block. When the last block is computed, its digest is the digest for the entire stream. This chained seeding prohibits parallel processing of the blocks.

MD5 algorithm uses four rounds, each applying one of four non-linear functions to each sixteen 32-bit segments of a 512-bit block source text. The result is a 128-bit digest. Figure 1 is a graph representation that illustrates the structure of the MD5 algorithm.

64 bits less than a multiple of 512 bits. The padding is performed by Let us suppose that we are giving an input message of b-bit and we want to find its message digest. Here, b is an arbitrary integer which can be equal to greater than zero but no less than zero. Therefore, let the bits of the input message be as follows: m0 m1 m2 ... m (b-1) The MD5 Algorithm takes in concern the following steps to compute the Message digests of the given input message.

appending a single “1” bit to the input message, and then “0” bits are appended so that the length in bits of the padded message becomes equal to 448 bits. 2. Append 64-bit number. Now, the length of the input message is converted to 64-bit representation and then it is appended to the previous result. After this processing, the resulting message of padded bits and b, has a length that is an exact multiple of 512 bits. Also, this message has a length that is an exact multiple of 16 (32-bit) words. Thus, m [0 ... n-1] denote the words of the resulting message; where n is a multiple of 16.

1. Padding the input message. The b-bit message is extended or more specifically “padded”, so that its length reaches 448 bits, which is

3. Message-Digest Buffer is initialized. A 4-word buffer (A, B, C and D) is used to compute the message digest. Here, each of A, B, C, D is a 32-bit register. These registers are initialized to the following values in hexadecimal: Word A: 01 23 45 67 Word B: 89 ab cd ef Word C: fe dc ba 98 Word D: 76 54 32 10 4. Processing of each 16-Word Blocks. Firstly, four functions are defined that take as input three 32-bit words and result in an output of one 32-bit word. They are as follows:

The message digest produced as output is A, B, C and D. That is, we begin with the low-order byte of A, and end with the high-order byte of D. The steps have optimization limitations, due to the mathematical properties of the operations used:    Additions can be reordered by commutative laws. Rotate does not distribute over addition. Addition does not distribute over rotation or logicals.

The Algorithm
[3][4]

Where,

Denote the XOR, OR, AND, and NOT operations respectively. Here, we will also use a 64-element table T [1 ... 64] constructed from the Sine function. Let T[i] denote the i th element of the table, which is equal to the integer part of 4294967296 times abs (sin (i)), where I is in radians. 5. Output.

The algorithm takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input. It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or to produce any message having a given pre-specified target message digest. The MD5 algorithm is intended for digital signature applications, where a large file must be "compressed" in a secure manner before being encrypted with a private (secret) key under a public-key cryptosystem such as RSA

FOR I = 0 TO N/16-1 DO FOR J = 0 TO 15 DO SET X[J] TO M [I*16+J]. END AA = A BB = B CC = C DD = D

//PROCESS EACH 16 -WORD BLOCK. //COPY BLOCK I INTO X. //OF LOOP ON J //SAVE A AS AA, B AS BB, C AS CC, AND D AS DD.

//LET [ABCD K S I] DENOTE THE OPERATION //A = B + ((A + F(B, C,D) + X[K] + T[I]) <<< S). /* THEN PERFORM THE FOLLOWIN G ADDITIONS. (THAT IS INCREMENT EACH OF THE FOUR REGISTERS BY THE VALUE IT HAD BEFORE THIS BLOCK WAS STARTED.) */ A = A + AA B = B + BB C = C + CC D = D + DD END

PHP Syntax for generating MD5 Hash
$password = md5 ($password);

PHP Syntax for Login Form
Let's say $_POST ["pass"] is the password they submit and $real_pass is the md5 from your database. if (md5($_POST["pass"] == $real_pass) { // Password correct

// Set cookies, redirect, display page } else { // Password incorrect // Redirect, show Error }

Applications of MD5
Message-Digest is widely used in different softwares to provide some assurance that a transferred file has arrived intact. For example, some File Servers provide a pre-computed MD5 (called MD5sum) checksum for their files, so that one can compare the checksum or hash string of the downloaded file with it. The Unix-based operating systems (viz. Debian, Ubuntu, etc.) include MD5 sum utilities in their distribution packages, whereas Windows users need to use third-party applications for generating a hash string. Protection from tampering- Suppose we have released a program or software and is freely distributed among the people. But, if someone who want to tamper the application, will add a malware onto the software program. Now, if we take an MD5 checksum of the original program and then compare it with the MD5 checksum of the downloaded version. If it matches that means the file is safe otherwise it means that the software or the program has been tampered. However, now it is quite easy to generate MD5 collisions. Now, the person who created the file can give a checksum to second file with the same checksum, so this technique cannot protect against some forms of malicious tampering. Also, in some cases, the checksum cannot be trusted (for example, if it was obtained over the same channel as the downloaded file), in which case MD5 can only provide error-checking functionality: it will recognize a corrupt or incomplete download, which becomes more likely when downloading larger files. MD5 can also be used to store passwords. MD5 technique is also used for authentication in a number of protocols. It has also been included as an encapsulation mechanism in SIPP,

IPv6, and IPv4. A partial list of protocols or protocol options using MD5 is as follows:      SNMP V2 IPv6 / IPng IPng ESH (uses DES) IPv4 SIPP (progenitor of IPng)

      

OSPF RIP-II RIPng TCP SOCKS V5 WWW's Secure HyperText Transfer Protocol WWW's SimpleMD5

How to use MD5 Hash to check the Integrity of Files?
Suppose we have a file called file.tar on our server. Before we download, we will be generating an MD5 hash for this file on the Server. For this purpose, we will be using the following shell commands in UNIX. For UNIX:  md5sum file.tar After hitting ENTER key, we‟ll see the MD5 Hash as below: e4d909c290d0fb1ca068ffaddf22cbd 0 This is the MD5 hash string for the file “file.tar”. After downloading this file onto the computer, we can cross check the integrity of the file by regenerating the MD5 hash string for the downloaded file. Now, if both the hash strings match, then this implies that the downloaded file is correct. Otherwise it means that the file is corrupt. If file is not present, omit the file parameter from standard input. It is not possible to compute a checksum for an entire directory. We need to recursively check every single file. There are two alternatives: 1. Use find md5sum: in conjunction with

Checking for validity
In order to see whether a given file is valid and correct, we pass the output of a previous md5sum with the switch -c. Thus, the following two steps occur: 1. Compute the MD5 sum and store it in a file using: md5sum file > file.md5 2. Check for validity with: md5sum -c file.md5

find -s directory -type f -print0 | xargs 0 md5sum >> file.md5 or

find -s directory -type f -exec md5sum {} \; >> file.md5 This will now store the checksum for all the files inside the directory into file.md5. We can now check the copied directory with respect to this file. Now go to the location of the copied directory and issue: 2. md5sum -c /path/to/file.md5 3. We can now install md5deep, which has a recursive option. md5deep -rl directory > file.md5 Now go to the location of the copied directory and issue: md5sum -c /path/to/file.md5

MD5 is widely used as a checksum hash function because it‟s fast and presents an extremely low collision ratio. An MD5 checksum is composed of 32 hexadecimal digits which together provide a 1 in ~3.42e34 odds of a collision. MD5 can be read easily as it is short. For unskilled tasks MD5 hash is good enough. For example, if we download an e-book from a trusted mirror and want to check whether the file that has been downloaded is correct or not, we can do it so by generating the MD5 hash of it. Then compare the hash with the generated hash of the file. If both hashes match the e-book is downloaded correctly and completely. For cryptography, MD5 is a valid alternative if security is only a moderate concern. It's a very viable option for hashing database passwords or other fields requiring internal security for its speed mostly, but also because MD5 does offer a reasonable level of security where strong encryption is not a concern. MD5 security can be improved by preserving it.

Why MD5 widely?

is still

used

An MD5 exposure is well documented and it remains distributed in its usage. MD5 is used as a checksum hash function because it is very fast and collision is very low in ratio and if collision is possible then that is not a big problem. MD5 is very quick to create.

Figure above Demonstrating the MD5 hashes in Database.

Figure Showing a Windows Application that generates MD5 Hashes to compare two files.

Figure showing an iMac App. that stores MD5 checksum.

Performance ___________________________________________________________________
Key size/hash size (bits) Extrapolated Speed (Kbytes/sec.) PRB Optimized (Kbytes/sec.)

__________________________________________________________________________________________ TEA DES Triple-DES IDEA RSA SHA MD5 128 56 112 128 512 160 128 700 350 120 700 7 750 1740 7746 2842 4469 25162 62425

__________________________________________________________________________________________ Figure. Performance of encryption and secure digest algorithms

The above figure shows the size of the key or more specifically, size of the result for some safe and secure digest functions and the speed of some most popular encryption algorithms. The measurements in the terms of speed in the figure were taken as rough estimates of the performance of the algorithms on a 330 MHz Pentium II processor in 1999. Another term “Extrapolated Speed” was based on the C source code which was published in 1996 with no particular attempt to optimize the code, whereas the term “PRB“ figure is the result of a substantial research effort to produce

proprietary as well as optimized implementations of the algorithms in assembly language. As is shown in the figure, MD5 performs much faster than all other algorithms in both the cases. MD5 software currently runs at 85 Mbps on a 190 Mhz RISC architecture, a rate that cannot be improved more than 20-40%. Because MD5 processes the entire body of a packet, this data rate is insufficient for current high bandwidth networks, including HiPPI and FiberChannel. Further analysis indicates that a 300 Mhz custom VLSI CMOS hardware implementation of MD5 may run as fast as 256 Mbps.

Van Oorschot and Wiener have considered a brute-force search for collisions in hash functions, and they estimate a collision search machine designed specifically for MD5 (costing $10 million in 1994) could find a collision for MD5 in 24 days on average. Although the computing

speed of computer has been increased dramatically in the past decade, which makes the brute-force search much faster, MD5 algorithm is still considered one of the most secure algorithms available today.

Difference between MD5 and its predecessors
1. There were only 3 steps in calculation of MD4 algorithm. MD5 introduces 2 new steps to increase security hence more conservative. 2. Each step in MD5 contains a uniquely defined additive constant. 3. The function g in step#2 was changed to make g less symmetric. 4. Each step now adds in the result of the previous step. This promotes a faster "avalanche effect". 5. The order in which input words are accessed in rounds 2 and 3 is changed, to make these patterns less like each other. 6. The shift amounts in each round have been approximately optimized, to yield a faster "avalanche effect" The shifts in different rounds are distinct.

Limitations of MD5 Algorithm
The security of the MD5 hash function is somewhat compromised. A collision attack exists that can find collisions within seconds on a computer with a 2.6 GHz Pentium4 processor. Moreover, there is also a chosen-prefix collision attack that can produce a collision for two chosen arbitrarily different inputs within hours, using offthe-shelf computing hardware (complexity 239). These collision attacks have been demonstrated in public in various situations, including colliding document files and digital certificates. As of 2009 theoretical attack also breaks MD5's pre-image resistance.

a. Vulnerabilities:
MD5 is a one way function, this implies that it cannot be reversed. It cannot practically be bruted force either because of the length of the key. However, the most common form of attack on an MD5 string is a Rainbow Table attack. This works in a very

similar way to brute force and basically uses a massive database of MD5 strings with their reversed outputs. There have also been numerous demonstrations showing that 2 different files can generate the same hash. With these vulnerabilities in mind, most people are moving away from MD5 for uses in their applications, algorithms such as SHA are more recommended where security is essential. Some of the vulnerabilities are as follows:

certificate which appeared to be legitimate when checked via its MD5 hash. The researchers used a cluster of Sony Playstation 3s at the EPFL in Lausanne, Switzerland to change a normal SSL certificate issued by RapidSSL into a working CA certificate for that issuer, which could then be used to create other certificates that would appear to be legitimate and issued by RapidSSL. Bruce Schneier wrote of the attack that "We already knew that MD5 is a broken hash function" and that "no one should be using MD5 anymore." The SSL researchers wrote, "Our desired impact is that Certification Authorities will stop using MD5 in issuing new certificates. We also hope that use of MD5 in other applications will be reconsidered as well." MD5 uses the Merkle–Damgård construction, so if two prefixes with the same hash can be constructed, a common suffix can be added to both to make the collision more likely to be accepted as valid data by the application using it. Furthermore, current collision-finding techniques allow specifying an arbitrary prefix: an attacker can create two colliding files that both begin with the same content. All the attacker needs to generate two colliding files is a template file with a 128-byte block of data aligned on a 64-byte boundary that can be changed freely by the collision-finding algorithm.

 Collision vulnerabilities
In the year 1996, collisions were found in the compression function of MD5, and Hans Dobbertin, in the RSA Laboratories technical newsletter stated, "The presented attack does not yet threaten practical applications of MD5, but it comes rather close. In the future MD5 should no longer be implemented, where a collisionresistant hash function is required." In 2005, researchers were able to create pairs of PostScript documents and X.509 certificates with the same hash. Later that year, MD5's designer Ron Rivest wrote, "md5 and sha1 are both clearly broken (in terms of collision-resistance)," and RSA Laboratories wrote that "nextgeneration products will need to move to new algorithms." On 30 December 2008, a group of researchers announced at the 25th Chaos Communication Congress how they had used MD5 collisions to create an intermediate certificate authority

 Pre-image vulnerability

In April 2009, a pre-image attack against MD5 was published that breaks MD5's pre-image resistance. This is only a theoretical attack, with a computational complexity of 2123.4 for full pre-image and 2116.9 for a pseudo-pre-image.

strings that collide with the original input, usually for the purposes of password cracking. The use of MD5 in some websites' URLs means that search engines such as Google can also sometimes function as a limited tool for reverse lookup of MD5 hashes. Both these techniques are rendered ineffective by the use of a sufficiently long salt.

 Other vulnerabilities
A number of projects have published MD5 rainbow tables online, that can be used to reverse many MD5 hashes into

CONCLUSIONS
In this report we studied MD5 hash functions, their properties and many of its attacks. We demonstrated different attacks, beginning from the first attack after a few years of presenting the MD5 hash function; a brief explanation of their attacks, and a short phrase of Klima‟s application for finding a collision on a simple Notebook. The division of the range of searching the numbers gives shorter and more specific time of searching. The 2 methods of dividing the searching space, show which of them yields better results, and concluded the results of them. We can conclude that MD5 Algorithm is widely used cryptographic hash function and often used in checking file integrity, saving passwords, generating hash functions, etc. MD5 was developed with a view of getting more secure environment than its predecessor, MD4. It is the third in its category of message-digest.

Previously, MD2 and MD4 were also developed but MD2 was developed for 8-bit processors while MD4 was not used at a large scale due to lack of security. On the other hand, MD4 and MD5 were developed for 32-bit processors which are used widely in different sectors today. MessageDigest Algorithm 4 holds a good capability but was not at all good with respect to security issues. MD5 was developed to enhance the security feature of the algorithm. However, in 1996, it was discovered that MD5 was also vulnerable to some attacks; though it was not as severe but it sent a message for a better replacement of the algorithm. Thus, MD5 is not used in some fields of applications like SSL or digital signatures that rely on this property.

LIST OF SYMBOLS ABBREVIATIONS
Symbols
Logical XOR Operation Logical AND Operation Logical OR Operation  Logical NOT Operation
Abbreviations MD – Message Digest Algorithm WWW – World Wide Web SHA – Secure Hash Algorithm

AND

REFERENCES
[1]. “MD5 Algorithm” http://en.wikipedia.org/wiki/MD5 [2]. “The purpose of Cryptography” http://www.garykessler.net/library/cryp to.html#purpose [3] “MD5, Message-Digest Algorithm” http://www.networksorcery.com/enp/d ata/md5.htm Rivest, R., "The MD4 Message Digest Algorithm", RFC 1320, MIT and RSA Data Security, Inc., April 1992. [4]. “RFC 1321 - The MD5 MessageDigestAlgorithm” http://www.faqs.org/rfcs/rfc1321.html [5]. S. Singh, “History of cryptography”, Histoire des codes secrets. Jean-Claude Lattès, 1999.

SNMP – Simple Network Management Protocol

HMAC Hashed Authentication Code

Message

DRM – Digital Rights Management