tags:

views:

175

answers:

4
+7  Q: 

Is the result of a md5 hash consistant or server dependent?

I am doing a md5 hash, and just want to make sure the result of:

md5.ComputeHash(bytePassword);

Is consistent regardless of the server?

e.g. windows 2003/2008 and 32/64 bit etc.

+1  A: 

MD5 Hashing is [system/time/anything except the input] independent

TJMonk15  2010-03-12 21:11:23
+11  A: 

Yes, it's consistent, the md5 algorithm specification defines it regardless of platform.

Autopulated  2010-03-12 21:11:39
Except that I have seen some systems represent the output with upper case letters and some with lower case letters. If you're comparing the string representation of the output, be sure and do a case insensitive comparison.
Eric J.  2010-03-12 21:17:52
Are you mixing up the hexadecimal representation (-> String) with the MD5 value (-> Numerical) and do a string comparison? In that case it might happen that the valid hex chars are lowercase or uppercase - but the value is the same. In other words: If you compare 0xAa to 0xaA and consider the case relevant, then you are not comparing correctly and I'd consider that a bug.
Benjamin Podszun  2010-03-12 23:49:04
+1  A: 

The result of an md5 hash is a number. The number returned for a given input is always the same, no matter what server or even platform you use.

However, the expression of the number may vary. For example, 1 and 1.0 are the same number, but are expressed differently. Similarly, some platforms will return the hash formatted slightly differently than others. In this case, you have a byte array, and that should be fairly safe to pass around. Just be careful what you do after converting it to a string.

Joel Coehoorn  2010-03-12 21:29:31
+4  A: 

MD5 is independent of operating system and architecture. So it is "consistent".

However, MD5 takes as input an arbitrary sequence of bits, and outputs a sequence of 128 bits. In many situations, you want strings. For instance, you want to hash a password, and the password is initially a string. The conversion of that string into a sequence of bits is not part of MD5 itself, and several conventions exist. I do not know precisely about C#, but the Java equivalent String.getBytes() method will use the "platform default charset" which may vary with the operating system installation. Similarly, the output of MD5 is often converted to a string with hexadecimal notation, and it may be uppercase or lowercase or whatever.

So that while MD5 itself is consistent, bugs often lurk in the parts which prepare the data for MD5 and post-process its output. Beware.

Thomas Pornin  2010-03-12 21:47:47

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?