MD5 Algorithm Description

After initialization, MD5 processes the input text in 512-bit groups, and each group is divided into 16 32-bit groups. The algorithm output consists of four 32-bit groups, which cascade to form a 128-bit hash value.
First, fill in the message so that its length is exactly a 64-bit number smaller than the multiples of 512 bits. The filling method is to add one after the message, followed by the required multiple zeros, and then attach the 64-bit message length (before filling ). The two steps are used to make the message length exactly equal to an integer multiple of 512 bits (the rest of the algorithm requires this), and ensure that different messages are different after filling.
Four 32-bit variables are initialized as follows:
A = 0x01234567
B = 0x89abcdef
C = 0xfedcba98
D = 0x76543210
They are called chaining variable)
Next, we perform the main loop of the algorithm. The number of cycles is the number of 512-bit message groups in the message.
Copy the above four variables to other variables: A to A, B to B, C to C, D to D.
The main cycle has four rounds (md4 only has three rounds), and each round is very similar. Perform 16 operations in the first round. Each operation performs a non-linear function operation on three of them in A, B, C, and D. Then, the result is added with the fourth variable, a sub-group of the text, and a constant. Then shift the result to the right by an indefinite number and add one of A, B, C, or D. Finally, replace one of A, B, C, or D with this result.
Here are the four non-linear functions used in each operation (one in each round ).
F (x, y, z) = (X & Y) | ((~ X) & Z)
G (x, y, z) = (X & z) | (Y &(~ Z ))
H (x, y, z) = x ^ y ^ Z
I (x, y, z) = y ^ (X | (~ Z ))
(& Yes And, | yes or ,~ No, ^ is an exclusive or)
These functions are designed as follows: if the corresponding bits of X, Y, and Z are independent and even, then each bit of the result should be independent and even.
The function f is operated by bit: If X, then y, otherwise Z. Function H is a bitwise parity operator.
If MJ is set, it indicates the J sub-group of the message (from 0 to 15). If <s indicates that the cycle shifts the S bit left, the following four operations are performed:
Ff (a, B, c, d, MJ, S, Ti) indicates a = B + (a + (f (B, c, d) + MJ + Ti) <s)
GG (a, B, c, d, MJ, S, Ti) indicates a = B + (a + (G (B, c, d) + MJ + Ti) <s)
HH (a, B, c, d, MJ, S, Ti) indicates a = B + (a + (H (B, c, d) + MJ + Ti) <s)
II (a, B, c, d, MJ, S, Ti) indicates a = B + (a + (I (B, C, D) + MJ + Ti) <s)
The four rounds (64 steps) are:
First round
Ff (a, B, c, d, M0, 7, 0xd76aa478)
Ff (D, a, B, c, M1, 12, 0xe8c7b756)
Ff (c, d, A, B, M2, 17, 0x242070db)
Ff (B, c, d, A, M3, 22, 0xc1bdceee)
Ff (a, B, c, d, M4, 7, 0xf57c0faf)
Ff (D, a, B, c, M5, 12, 0x4787c62a)
Ff (c, d, A, B, M6, 17, 0xa8304613)
Ff (B, c, d, A, M7, 22, 0xfd469501)
Ff (a, B, c, d, M8, 7, 0x698098d8)
Ff (D, a, B, c, M9, 12, 0x8b44f7af)
Ff (c, d, A, B, M10, 17, 0xffff5bb1)
Ff (B, c, d, A, M11, 22, 0x895cd7be)
Ff (a, B, c, d, M12, 7, 0x6b901122)
Ff (D, a, B, c, M13, 12, 0xfd987193)
Ff (c, d, A, B, m14, 17, 0xa679438e)
Ff (B, c, d, A, M15, 22, 0x49b40821)
Second round
GG (a, B, c, d, M1, 5, 0xf61e2562)
GG (D, a, B, c, M6, 9, 0xc040b340)
GG (c, d, A, B, M11, 14, 0x265e5a51)
GG (B, c, d, A, M0, 20, 0xe9b6c7aa)
GG (a, B, c, d, M5, 5, 0xd62f105d)
GG (D, a, B, c, M10, 9, 0x02441453)
GG (c, d, A, B, M15, 14, 0xd8a1e681)
GG (B, c, d, A, M4, 20, 0xe7d3fbc8)
GG (a, B, c, d, M9, 5, 0x21e1cde6)
GG (D, a, B, c, m14, 9, 0xc33707d6)
GG (c, d, A, B, M3, 14, 0xf4d50d87)
GG (B, c, d, A, M8, 20, 0x455a14ed)
GG (a, B, c, d, M13, 5, 0xa9e3e905)
GG (D, a, B, c, M2, 9, 0xfcefa3f8)
GG (c, d, A, B, M7, 14, 0x676f02d9)
GG (B, c, d, A, M12, 20, 0x8d2a4c8a)
Round 3
HH (a, B, c, d, M5, 4, 0xfffa3942)
HH (D, a, B, c, M8, 11, 0x8771f681)
HH (c, d, A, B, M11, 16, 0x6d9d6122)
HH (B, c, d, A, m14, 23, 0xfde5380c)
HH (a, B, c, d, M1, 4, 0xa4beea44)
HH (D, a, B, c, M4, 11, 0x4bdecfa9)
HH (c, d, A, B, M7, 16, 0xf6bb4b60)
HH (B, c, d, A, M10, 23, 0xbebfbc70)
HH (a, B, c, d, M13, 4, 0x289b7ec6)
HH (D, a, B, c, M0, 11, 0xeaa1_fa)
HH (c, d, A, B, M3, 16, 0xd4ef3085)
HH (B, c, d, A, M6, 23, 0x04881d05)
HH (a, B, c, d, M9, 4, 0xd9d4d039)
HH (D, a, B, c, M12, 11, 0xe6db99e5)
HH (c, d, A, B, M15, 16, 0x1fa27cf8)
HH (B, c, d, A, M2, 23, 0xc4ac5665)
Fourth round
II (a, B, c, d, M0, 6, 0xf4292244)
II (D, a, B, c, M7, 10, 0x432aff97)
II (c, d, A, B, m14, 15, 0xab9423a7)
II (B, c, d, A, M5, 21, 0xfc93a039)
II (a, B, c, d, M12, 6, 0x655b59c3)
II (D, a, B, c, M3, 10, 0x8f0ccc92)
II (c, d, A, B, M10, 15, 0xffeff47d)
II (B, c, d, A, M1, 21, 0x85845dd1)
II (a, B, c, d, M8, 6, 0x6fa87e4f)
II (D, a, B, c, M15, 10, 0xfe2ce6e0)
II (c, d, A, B, M6, 15, 0xa3014314)
II (B, c, d, A, M13, 21, 0x4e0811a1)
II (a, B, c, d, M4, 6, 0xf7537e82)
II (D, a, B, c, M11, 10, 0xbd3af235)
II (c, d, A, B, M2, 15, 0x2ad7d2bb)
II (B, c, d, A, M9, 21, 0xeb86d391)
The constant Ti can be selected as follows:
In step I, Ti is the integer part of 4294967296 * ABS (sin (I), and the unit of I is radian.
(Power 32 of 2)
After all these operations are completed, add A, B, C, and D to A, B, C, and D respectively. Then, use the next group of data to continue running the algorithm. The final output is Cascade A, B, C, and D.