MD5 encryption algorithm knowledge

Source: Internet
Author: User

MD5 Overview
The full name of MD5 is message-Digest algorithm 5, which was invented by MIT's computer science lab and RSA Data Security Inc in Early 1990s and developed by md2, md3, and md4.
Message-digest refers to the hash transformation of a message, which is to convert a byte string of any length into a long big integer. Note that I use the word "Byte string" instead of "string" because this conversion is only related to the value of the byte and has nothing to do with the character set or encoding method.

MD5 converts a "Byte string" of any length into a large integer of BITs, and it is an irreversible String Conversion Algorithm. In other words, even if you see the source program and algorithm description, it is also impossible to convert an MD5 value back to the original string. In terms of mathematical principle, it is because there are infinite numbers of original strings, which is a bit like a mathematical function without an inverse function.

A typical application of MD5 is to generate fingerprint (fingerprint) for a message (byte string) to prevent "tampering ". For example, you write your statement in a readme.txt file and generate an MD5 value for this readme.txt file and record it. Then you can spread the file to others. If someone else modifies any content in the file, you will find it when re-calculating the MD5 value for this file. If there is another third-party certification authority, MD5 can also prevent the "credit" of the file author. This is the so-called digital signature application.

MD5 is also widely used in encryption and decryption technology. In many operating systems, users' passwords are stored in MD5 values (or similar algorithms, the system calculates the password entered by the user into an MD5 value, and then compares it with the MD5 value saved in the system. The system does not "know" what the user password is.

Some hackers crack this password in a way called "Running Dictionary. There are two ways to get the dictionary: one is the string table that is collected daily and the other is generated by means of arrangement and combination, use the MD5 program to calculate the MD5 value of these dictionary items, and then use the target MD5 value for retrieval in this dictionary.

Even if the maximum length of the password is 8, the password can only contain letters and numbers, a total of 26 + 26 + 10 = 62 characters, the number of items in the dictionary is P () + P ).... + P () is already a very astronomical number. to store this dictionary, you need a TB-level disk group. In addition, this method has a premise, it is only possible to obtain the MD5 value of the password of the target account.

In many e-commerce and community applications, managing users' accounts is the most commonly used basic function. Although many application servers provide these basic components, however, many application developers prefer to use relational databases to manage users for higher management flexibility. The lazy way is that users' passwords are stored in the database directly after being converted in plain text or simply, therefore, the passwords of these users are not confidential for software developers or system administrators. The purpose of this article is to introduce the implementation of the MD5 Java Bean, at the same time, an example of using MD5 to process the user's account password is provided. This method makes it impossible for administrators and programmers to see the user's password, even though they can initialize them. However, it is important to protect user password settings.

If you are interested, you can obtain the MD5 text, that is, the text of RFC 1321. Http://

Appendix: ASP implementation example of MD5 irreversible encryption algorithm: Address

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.