Talk:MD5

This is the talk page for discussing improvements to the MD5 article. This is not a forum for general discussion of the article's subject.

Put new text under old text. Click here to start a new topic. New to Wikipedia? Welcome! Learn to edit; get help. Assume good faith Be polite and avoid personal attacks Be welcoming to newcomers Seek dispute resolution if needed Article policies Neutral point of view No original research Verifiability

Find sources: Google (books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL

Archives: 1Auto-archiving period: 90 days

This article is rated C-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

Cryptography: Computer science Top‑importance This article is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks. Top This article has been rated as Top-importance on the importance scale. This article is supported by WikiProject Computer science (assessed as High-importance). Computing: Networking / Software / Websites / CompSci Mid‑importance This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks. Mid This article has been rated as Mid-importance on the project's importance scale. This article is supported by Networking task force (assessed as Mid-importance). This article is supported by WikiProject Software (assessed as High-importance). This article is supported by WikiProject Websites (assessed as High-importance). This article is supported by WikiProject Computer science (assessed as Mid-importance). This article is supported by WikiProject Computer Security (assessed as High-importance). Things you can help WikiProject Computer science with: edit history watch purge Here are some tasks awaiting attention: Article requests : Requested articles/Applied arts and sciences/Computer science, computing, and Internet Cleanup : Computer science articles needing attention Computer science articles needing expert attention Copyedit : Computing Expand : Computer science Infobox : Computer science articles without infoboxes Maintain : Timeline of computing 2020–present Photo : Find pictures for the biographies of computer scientists (see List of computer scientists) Computing articles needing images Stubs : Computer science stubs Unreferenced : WikiProject Computer science/Unreferenced BLPs Project-related : Tag all relevant articles in Category:Computer science and sub-categories with {{WikiProject Computer science}} Internet Mid‑importance Internet portal This article is within the scope of WikiProject Internet, a collaborative effort to improve the coverage of the Internet on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks. Mid This article has been rated as Mid-importance on the project's importance scale.

To-do list for MD5: edit · history · watch · refresh · Updated 2011-07-28 Summarise results of Berson Complete the (non-pseudocode) description of the MD5 algorithm Add information about md5x one step to double md5 hashes Priority 3

Pseudocode OK ?

Latest comment: 5 months ago4 comments4 people in discussion

I tried to implement the pseudocode but I couldn't reproduce the results. (EDITED) Now I succeeded and share what might be ambiguous:

• append "1" bit to messsage means that you actually append a byte 128 if the message was/is cut into bytes.
• append the original length in bits mod 2^64: It means that the last (512 - 448) bit or 64 - 56 = 8 byte of the padded message are filled with that number, ((number of bytes in original text) MOD 2^61) * 8, padded to length of 8 byte, little endian.
  E.g., for "The quick (...) lazy dog" (length = 43 byte = 344 bit), this would be (88, 1, 0, 0, 0, 0, 0, 0) for 1*256 + 88 = 344.
  Thus, the padded message would be, written in bytes: [84 (='T'), 104(='h'), 101(='e'), ..., 100(='d'), 111, (='o'), 103(='g'), 128, 0 ... 0, 81, 1, 0, 0, 0, 0, 0, 0].
• Ignore the instruction "Be wary of the below definition...". I assume it means "take into account", but how could we anyway anticipate at that point assignments that occur at a later moment?! Just ignore.
• The "digest": a0 append ... append d0 // (output is in little endian):
  If, in the end, a0 = 1, b0 = 2, c0 = 3, d0 = 4, the output should be "01000000020000000300000004000000"!
• Most of it all, the 16 32-bit words M[j] correspond each to 4 consecutive bytes of the message scrambled by reading the chunk in little endian!
  So for the above phrase, M[0] = ' '<<24 + 'e'<<16 + 'h'<<8 + 'T', M[1] = 'c'<<24 + 'i'<<16 + 'u'<<8 + 'q', etc. (Mnemonic: little endian is the most counter-intuitive and inconsistent convention you could think of. To make it worse, it is the opposite of what its name suggests! The 'litte' bit (LSB) is not at the end (as in "endian"), but at the beginning - speaking of the least significant byte. The least and most significant bits aren't on either side, but somewhere inside! Congrats on your choice, guys!)

Thanks if others can confirm any part of this interpretation. — MFH:Talk 19:09, 2 October 2020 (UTC)Reply

I followed your comment up until this part

> 0 ... 0, 81, 1, 0, 0, 0, 0, 0, 0]

How did the 88, 1 become a 81, 1? 94.196.94.19 (talk) 22:19, 9 October 2022 (UTC)Reply

d41d8cd98f00b204e9800998ecf8427e 112.197.120.140 (talk) 18:44, 5 September 2023 (UTC)Reply

Ok 2402:9D80:22E:5559:2819:687A:A144:B7CD (talk) 21:11, 19 November 2023 (UTC)Reply

Weakness of MD5 demonstrated once again in a spectacular manner.

Latest comment: 6 months ago1 comment1 person in discussion

Hackers behind the highly stealthy, native Apple iOS malware "Triangulation" used forty MD5 hashes to identify various "p0wned" mailboxes held by them, but security researchers managed to crack most of the checksums and retrieved 36 full e-mail addresses, as seen here: https://securelist.com/triangulation-validators-modules/110847/ 77.234.84.8 (talk) 13:13, 25 October 2023 (UTC)Reply