What is the maximum length of the string that can have md5 encription or Is it has no limit, and if so what will be the max lendth of the md5 encripted value?

+4  A: 

the algorithm has been design to support arbitrary input length. I.E you can compute hashes of big files like ISO of Dvd...

if ere is a limitation for the input could come from the environement where the hash function is used. Let say you want to compute a file and the environement has a MAX_FILE limit.

But the output string will be always the same: 32 hex chars (128 bits) !

More infos about MD5

+10  A: 

MD5 processes an arbitrary-length message into a fixed-length output of 128 bits, typically represented as a sequence of 32 hexadecimal digits.

Daniel Vassallo
+1  A: 

A 128-bit MD5 hash is represented as a sequence of 32 hexadecimal digits.

Hamid Nazari
+1  A: 

You can have any length, but of course, there can be a memory issue on the computer if the String input is too long. The output is always 32 characters.

If the string input is too long it wouldn't exist in the system in the first place, unless it's in a file, in which case you can pass in blocks to the digest function as they are read, in other words, you only need to have `block` bytes of the input available at a time.

There is no limit to the input of md5 that I know of. Some implementations require the entire input to be loaded into memory before passing it into the md5 function (i.e., the implementation acts on a block of memory, not on a stream), but this is not a limitation of the algorithm itself. The output is always 128 bits. Note that md5 is not an encryption algorithm, but a cryptographic hash. This means that you can use it to verify the integrity of a chunk of data, but you cannot reverse the hashing. Also note that md5 is considered broken, so you shouldn't use it for anything security-related (it's still fine to verify the integrity of downloaded files and such).

+9  A: 

Append Length

A 64-bit representation of b (the length of the message before the padding bits were added) is appended to the result of the previous step. In the unlikely event that b is greater than 2^64, then only the low-order 64 bits of b are used.

  • The hash is always 128 bits. If you encode it as a hexdecimal string you can encode 4 bits per character, giving 32 characters.
  • MD5 is not encryption. You cannot in general "decrypt" an MD5 hash to get the original string.

See more here.

Mark Byers
+1  A: 

You may want to use SHA-1 instead of MD5, as MD5 is considered broken.

You can read more about MD5 vulnerabilities in this Wikipedia article.

this is no more than a rumor. MD5 is good enough for most of usual web-development tasks
Col. Shrapnel
Its creator, as well as Bruce Schneier and Homeland Security are in agreement that it's broken... How many more 'rumorspreading' do you need to convince you that it's actually been broken for some time?Fact is that it's arbitrarily easy to find an input that generates a specific hash. Of course you can mitigate this risk by salting your inputs, using sufficiently large salts.On a side-note: SHA-1 is considered to be just as broken. If you advise people to upgrade, advise them to upgrade to SHA-2, please.
@kander oh I need a very little. An example. Given a hash, will you bring a source string? Not a link to some great article, not someone's opinion but just a source string?
Col. Shrapnel
@Col. Shrapnel: Producing a source string is good, but I'd say if he can produce an article showing how to crack it at a cost of $xxxxxxx that would also be enough.
Mark Byers
@Mark no problem, I haven't said "original source". You are free to provide any string that will produce the same hash. Money? Who said money? `Fact is that it's arbitrarily easy to find an input that generates a specific hash.`. He haven't said it will cost any money
Col. Shrapnel
I actually do see a problem in using unsalted md5 for saving passwords. Fact is (and everybody may verify this using a simple Google search) that there are many providers who allow you to "crack" some of the "easier" hashes (i.e. having a short alphanumeric source string for example - exactly what you have in passwords...) I actually tried that on some of the hashes in a database and found that I can at least find 1/4 using this. So even a hobby developer having not the smallest knowledge about cryptography *can* find the password behind the hash - if the password is bad - which it is!
But I don't want to say that using md5(md5()) or sha1() instead will fix the problem. There are providers for those, too, though far less.
@Col. Shrapnel: Are you a Mathematician or a Cryptographer? If not, why do you doubt the opinion of those scientists? In a mathematical sense, MD5 is definitely broken because there are methods which are faster than brute force. This might not have an impact on the daily use of MD5 yet (in a large scale). But a hash or encryption scheme has not only to be secure *now* but also *in the future*. And if there are already ways to break it, it will become even easier in the future. Of course it depends in which context you want to use MD5, but broken is broken.
Felix Kling