MD5 Encryption and How to Use It
MD5 is a widely used hash procedure. Hash procedures are used to create so-called hash checksums. The checksum has high random variables, which always have a certain length (MD5 uses 128bit length). Hash procedures are non-reversible functions. It is therefore not the same as normal encryption methods, such as Blowfish, AES, etc., since the original contents cannot be reconstructed. Rather, hashes have fingerprints to compare to the original data at hand. In this way, signing documents or encrypted passwords are stored in databases.
Background information about MD5
MD stands for Message Digest (Algorithm) and belongs to the (disposable) hash procedure. MD5 is the successor of the MD4 algorithm, and is currently the most recent version of this hash procedure. MD5 was developed by Ronald L. Rivest. MD5 is mainly used under Linux/Unix and also on Internet technology. Also in encryption programs such as PGP. Despite the publication of a theoretical attack scenario, SHA1 is the second most used next to MD5.
Example of Use
As already mentioned, MD5 (or hash procedure in general) is used in various fields of electronic data. Two key areas of application for MD5 should be described briefly here:
1. The hash can be used to retrieve data in a database. Thus, for example, User passwords in content management systems (CMS). For security reasons, clear-text is not stored in the database, but instead the respective checksum is. The user enters the clear-text when registering his password into a website form, an internal function then calculates the hash value and compares it with that for the User stored in the database. Only if the hashes match, the declaration is deemed successful. And thus the user is able to login to the website.
2. Documents can be digitally signed and therefore are verifiable. For example, if one sends an important document by e-mail, the recipient should also receive the corresponding hash signature. The recipient then compares the checksums. If the fingerprints are both the same, the recipient knows the content is completely unaltered.
Practical application
The use of hash methods are not only reserved for professionals. Especially the use of e-mail or in downloads the MD5 is of great use. The application is quite simple, and is explained in the following guide:
First, you need a program that can calculate MD5s. There are some good free tools such as Little MD5 Creator.
You send a file
If you own an important document (eg. by e-mail or as a download), you must first create a checksum for the file. Now you have the "fingerprint" of the document. You should hash this for security reasons via another medium of communication, such as via the telephone. Otherwise, write the checksum in with the e-mail or as a download link. Now let's see what the recipient must do.
You get a file
If you have a file by e-mail or downloaded from a Web site, and your original checksum is known, now create a new hash of the file. Now you must know if the checksums match correctly. If the checksum by the co-signor was identical with the checksum you have created then the original file is unchanged. A different hash does not necessarily mean the file has been tampered with.
If the hash values differ
If the original hash differs from your hash, there are several possible causes:
1. During the transfer (download / Mail shipping) there was a transmission error, so the file was damaged.
Review: file download / request. Possibly. Size (if given) to compare.
2. The original hash specified is outdated and was not updated by the sender.
Review: The sender should check if he is using an older hash. However, it is solely the responsibility of the sender to make sure the hash is up-to-date at all times.
3. The file has been intentionally tampered with (eg, text changed / deleted / added).
Review: Make sure that items 1 and 2 are not true, and that you have not made an error in the preparation / comparison of the checksum. If you have urgent suspicion that the file has been tampered, immediately contact the sender / provider of this file in order to clarify the matter.
Now that you understand MD5 encryption you can start using it and be more secure online!
Published by ssb
- What is SHA-1 (Encryption)This tutorial will show you how to secure your computer by understanding the features of SHA-1 encryption.
- Installing and Configuring Heartbeat on Ubuntu Server for High AvailabilityEver have a server crash, only to wish you had the same services running on a different server just take over the role? If so, then the heartbeat-2 package is for you. In this how-to, you will learn how to setup heart...
- Secure Your SWF Files Against the Cheat Engine Using ActionScript 3.0The cheat engine is a memory modifier that allows you to easily change the values inside of a SWF application. This article will teach you ways to be protected.
- Understanding Digital SignaturesThe document aims to explain what a digital signature is, how to create it and how to verify a digital signature.
- Understanding DES (Encryption Method)This tutorial will explain what DES is and how it works. If you are interested in encryption and how it works, you will find this article fascinating.
- Network Intrusion Detection Systems
- How to Encrypt and Hash Passwords in PHP
- How to Prevent Online Cookie Theft
- 10 Reasons Why You Should Monitor Your Employees E-mail & Internet Use at Work
- Replacement Social Security Card's Put a Strain on US Citizens
- A Reticent Proposition - Solving the Security Problem on Airlines
- Security: A Must-have for Start-up Businesses