A typical application of MD5 is to generate an informational digest (message-digest) of a piece of information (message) to prevent tampering. For example, there are a lot of software under Unix that have a file name with the same filename and file extension. MD5 in this file, usually with a single line of text, roughly structured like this:
MD5 (tanajiya.tar.gz) = 37ea8e2c445af24a82caeaea6ced2c5b
This is the digital signature of the tanajiya.tar.gz file. MD5 the entire file as a large text message, through its irreversible string transform algorithm, produces this unique MD5 message digest. In order to make readers have an intuitive understanding of the application of MD5, the author takes an analogy and an example to briefly describe its working process:
As we all know, everyone on earth has their own unique fingerprints, which often becomes the most trustworthy way for the public security organs to identify criminals. Similarly, MD5 can produce an equally unique "digital fingerprint" for any file (regardless of size, format, number) If anyone changes the file name , its MD5 value is the corresponding "digital fingerprint" will change.
We often see its MD5 value in some software download site, the role of it is that we can download the software, the downloaded file with specialized software (such as Windows MD5 Check, etc.) to do a MD5 check, To ensure that the files we obtain are the same files as the files provided by the site. The scheme of file checking using MD5 algorithm is widely used in software download station, forum database, System file security and so on.
A typical application of MD5 is to generate fingerprint (fingerprints) on a message (byte string) to prevent "tampering". For example, you will write a paragraph in a message called Readme.txt file, and on this Readme.txt generate a MD5 value and record, and then you can spread this file to others, if others modify any of the contents of the file, you will see this file recalculation MD5 (two MD5 values are not the same). If there is a third-party certification body, with MD5 can also prevent the file author's "Repudiation", which is called Digital signature application.
MD5 is also widely used in operating system login authentication, such as UNIX, all kinds of BSD system login password, digital signature and many other parties. For example, in Unix system, the user's password is stored in the file system by MD5 (or other similar algorithm) after hash operation. When the user logs in, the system MD5 the user's password into a hash, and then compares the MD5 value stored in the file system to determine if the password was entered correctly. Through such steps, the system can determine the legality of the user login system without knowing the user's password. This avoids the user's password being known to users who have system administrator privileges. MD5 map any length of "byte string" to a large integer of 128bit, and it is difficult to reverse the original string through the 128bit, in other words, even if you see the source program and algorithm description, you can not transform a MD5 value back to the original string, mathematically speaking, This is because the original string has an infinite number, which is somewhat like a mathematical function that does not have an inverse function. Therefore, to encounter the problem of MD5 password, the better way is: You can use the MD5 () function in this system to reset a password, such as admin, the generated hash of a string of passwords to overwrite the original hash value on the line.
It is for this reason that the most commonly used hacker to decipher a password is a method called "Running a dictionary". There are two ways to get a dictionary, one is the daily collection of strings used for the password table, and the other is generated by the arrangement of the combination of methods, the first use MD5 program to calculate the MD5 value of these dictionary items, and then use the target MD5 value in the dictionary to retrieve. We assume that the maximum length of the password is 8 bytes (8 Bytes), and that the password can only be letters and numbers, a total of 26+26+10=62 characters, and the number of items in the sorted dictionary is P (62,1) +p (62,2) .... +p (62,8), which is already a very astronomical figure, Storing this dictionary requires a terabytes of disk array, and there is a premise that it is possible to obtain the password MD5 value of the target account. This encryption technique is widely used in UNIX systems, which is one of the important reasons why UNIX systems are more robust than general operating systems.
About MD5 Encryption