Wednesday, September 23, 2015

Password hash with MD5

The MD5 message-digest algorithm is a widely used cryptographic hash function producing a 128-bit (16-byte) hash value, typically expressed in text format as a 32 digit hexadecimal number. MD5 has been utilized in a wide variety of cryptographic applications, and is also commonly used to verify data integrity.

MD5 is very collision resistant. The algorithm was designed to generate unique hash values for each unique input. However, lately there have been rumblings in the security community about the weaknesses in MD5. Many government agencies will be required to move to a stronger algorithm in a few years.

Advantages of MD5
  • Utilizes a fast computation algorithm
  • Provides collision resistance
  • Is in widespread use
  • Provides a one-way hash
Disadvantages of MD5
  • Has known security flaws and vulnerabilities
  • Is less secure than the SHA-1 algorithm
Note : MD5 now are not relevant and not secure anymore. Using salted md5 for passwords is a bad idea. Not because of MD5's cryptographic weaknesses, but because it's fast. This means that an attacker can try billions of candidate passwords per second on a single GPU.



 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
import java.security.*;

public class MD5
{
    public static void main(String[] args)
    {
        String passwordToHash = "HELLOWORLD";
        StringBuilder sb = new StringBuilder();
        try {
           MessageDigest md = MessageDigest.getInstance("MD5");
           md.update(passwordToHash.getBytes());
           byte[] bytes = md.digest();
           for(int x=0; x< bytes.length ;x++){
               sb.append(String.format("%02x", bytes[x]));
           }
        }
        catch (NoSuchAlgorithmException e)
        {
            e.printStackTrace();
        }
        System.out.println(sb.toString());
    }
}

No comments:

Post a Comment