If we can't decode the MD5 hash string, then what is the purpose of MD5? Where can we use MD5?

+6  A: 

To store data safely in a database, for example.

If you save your password using MD5 and compare it with the password you enter and encrypt, it is still the same password, but you can't see in the database what the password is.

For example:

password = 123 md5 of 123 = fkdjafkldjslghrioawegh

If you try to log in and you enter 123, the MD5 of it will still be the same and you can compare those. But if your database is hacked, the hacker can't read the password (123).

Robert
+1. Note, however, that when storing passwords, an additional random prefix should be added when computing the hash, and stored alongside the hash. This way, users choosing poor passwords won't be compromised by hash collisions. This is commonly known as a _salt_. E.g., if two users both choose "secret" as their password, the hash will be the same. A cracker with access to a set of passwords could look for these common hashes, and thus discover the password that produced it. The salt makes it extremely unlikely that the same password will produce the same hash for different users.
Marcelo Cantos
See also this other question: http://stackoverflow.com/questions/536584/non-random-salt-for-password-hashes/
Georg
Keep in mind that passwords shouldn't be stored as a single MD5 hash (or any other single hash), since single hash operations are too fast to easily resist brute forcing: http://chargen.matasano.com/chargen/2007/9/7/enough-with-the-rainbow-tables-what-you-need-to-know-about-s.html
Josh Kelley
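The point made in the comments above, as an added example (not code from any of the answerers): two users choosing the same password get identical unsalted MD5 digests, a random per-user salt makes the digests differ, and a deliberately slow construction (here PBKDF2-HMAC-SHA256 via `hashlib.pbkdf2_hmac`, an assumption standing in for "a slow hash") is what should actually be stored. The record layout and function names are assumptions for illustration.

```python
import hashlib
import hmac
import os


def md5_unsalted(password: str) -> str:
    """Single MD5 over the password: fast, and equal passwords give equal digests."""
    return hashlib.md5(password.encode()).hexdigest()


def md5_salted(password: str, salt: bytes) -> str:
    """Random prefix (salt) hashed with the password, as the salt comment describes."""
    return hashlib.md5(salt + password.encode()).hexdigest()


def store_password(password: str, iterations: int = 200_000) -> dict:
    """Fresh random salt plus a slow PBKDF2 digest; this is what goes in the database."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt.hex(), "iterations": iterations, "hash": digest.hex()}


def check_password(candidate: str, record: dict) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    digest = hashlib.pbkdf2_hmac(
        "sha256", candidate.encode(), bytes.fromhex(record["salt"]), record["iterations"]
    )
    return hmac.compare_digest(digest.hex(), record["hash"])


if __name__ == "__main__":
    # Constructed sample: two users pick the same weak password.
    print("unsalted equal:", md5_unsalted("secret") == md5_unsalted("secret"))  # True
    print("salted equal:", md5_salted("secret", os.urandom(8)) == md5_salted("secret", os.urandom(8)))  # False
    rec = store_password("secret")
    print(check_password("secret", rec), check_password("Secret", rec))  # True False
```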
+4  A: 

A decryptable file has the property that it's always at least as big as the original file; a hash is much, much smaller.

This allows us to create a hash from a file that can prove the integrity of the file, without storing it.

There are many reasons not to store the file in encrypted or plain text:

  • As soon as an encrypted file falls in the wrong hands, they could try to decrypt it. There's no chance that's going to happen with a hash.

  • You simply don't need the file yourself, but maybe you're sending it to someone, and that person can prove its integrity using the hash.

Georg
+1. Are you sure about the *at least as big* statement? Can't we imagine a cipher algorithm that uses something like a "compression method"? (I'm not talking of ciphering then compressing, but of a hypothetical algorithm that could produce smaller ciphered data.) Just wondering.
ereOn
In order to obtain meaningful compression, you'd have to compress the data first, then encrypt it. (Why? Because well-encrypted data is essentially random and compression relies on patterns in the data, so it doesn't work on random data.) In that case, the data being encrypted is the compressed form of the original data and Georg's statement that the encrypted data must be at least as large as the data being encrypted (which, remember, is now the compressed form) still holds.
Dave Sherohman
@ereOn: That would be a compression algorithm. But imagine you've got already compressed input data, in that case you couldn't compress it even more. (If that were possible, you could compress data indefinitely.)
Georg
Yep, it makes sense. Thanks to both of you ;)
ereOn
There is in fact no such thing as a reversible compression function - *on average*, the output of every reversible function is also at least as big as the original file. A "compression algorithm" is actually an "expansion algorithm" with some interesting failure cases :)
caf
+1  A: 
  • It allows you to determine whether the data you have (e.g., an entered password) is the same as some other data which is secret (e.g., the correct password) without requiring access to the secret data. In other words, it can be used to determine "is this user-entered password correct?" while also keeping the correct password secret. (Note that there are stronger hashing methods out there which should be used instead of md5 for this purpose these days, such as sha* and bcrypt. With modern hardware, it's fairly easy to throw millions of passwords per second at an md5 hash until you find one that matches the correct password.)

  • It allows you to verify the integrity of a transmitted file by comparing the md5 hash of the original file with the md5 hash of the data that was received. If the hashes are different, the received data was not the same as the sent data, so you know to re-send it; if they're the same, you can be reasonably certain that the sent and received data are identical.

Dave Sherohman
+1  A: 

Good hash functions like MD5 can be used for identification. See this question. Under certain conditions you can assume that equal hashes mean equal data blocks.

sharptooth
*Good hash functions like MD5* seems a little bit outdated to me.
Georg
@Georg: MD5 has been hacked so it should not be used for scenarios when someone would want to subvert it. Otherwise it is still good.
sharptooth
Not really. DSPs (like, say, your video card's GPUs) can brute-force md5 in no time flat because it's too simple to calculate. The code at http://bvernoux.free.fr/md5/index.php, for example, claims to process 200 million md5 hashes per second on common consumer hardware (GeForce 8800GT and Core2Duo E6750 using one core). It's so easy to brute-force that there's no real point in making algorithmic attacks against it any more.
Dave Sherohman
@Dave Sherohman: Didn't know of those. Still, this doesn't prevent using MD5 in scenarios where there's no one to subvert it.
sharptooth
@sharptooth: If there's no one to subvert it, you are not paranoid enough ;)
Piskvor
@Piskvor: Seriously, I didn't mean cases where the protected data is so useless no one wants to hack into it. I meant scenarios where there is no attacker - like this one http://stackoverflow.com/questions/862346/how-do-i-assess-the-hash-collision-probability
sharptooth
@sharptooth: I see. I'd personally go with SHA-256 - not too much slower; but I guess MD5 would be good enough there.
Piskvor
+1  A: 

MD5 is mainly used to maintain the integrity of files when they are sent from one machine to another, to detect whether any man-in-the-middle third party has modified the contents of the files.

Basic example: when you download a file from a server, the server has the MD5 calculated; when it comes to you, it again checks the MD5 values; if the MD5 hash matches, the file is not corrupted or modified by any third person.
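The download check this answer (and Dave Sherohman's integrity bullet above) describes, as an added example that is not from the original answers: the received bytes are hashed in chunks and compared with the published digest. Function names and the sample payload are constructed for illustration. The check detects accidental corruption; since MD5's collision resistance is broken, it does not by itself stop an attacker who can also replace the published digest or craft colliding files.

```python
import hashlib
import hmac

CHUNK = 64 * 1024  # hash in 64 KiB pieces so large downloads need not fit in memory


def md5_of_stream(chunks) -> str:
    """Incrementally hash an iterable of byte chunks; equals md5 over the concatenation."""
    h = hashlib.md5()
    for chunk in chunks:
        h.update(chunk)
    return h.hexdigest()


def md5_of_file(path: str) -> str:
    """Hash a file on disk without reading it whole."""
    with open(path, "rb") as f:
        return md5_of_stream(iter(lambda: f.read(CHUNK), b""))


def verify_download(received: bytes, published_hex: str) -> bool:
    """Compare the digest of what arrived with the digest the server published."""
    actual = md5_of_stream(received[i:i + CHUNK] for i in range(0, len(received), CHUNK))
    # Constant-time comparison so the check itself leaks nothing about the digest.
    return hmac.compare_digest(actual, published_hex.lower())


def flip_bit(data: bytes, byte_index: int, bit: int) -> bytes:
    """Simulate one bit of transmission corruption."""
    buf = bytearray(data)
    buf[byte_index] ^= 1 << bit
    return bytes(buf)


if __name__ == "__main__":
    original = b"constructed sample payload " * 5000  # constructed, spans several chunks
    published = md5_of_stream([original])  # what the server would advertise
    print(verify_download(original, published))  # True: intact
    print(verify_download(flip_bit(original, 100, 3), published))  # False: corrupted
```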