JavaScript MD5

MD5 is a secure hash algorithm. It takes a string as input, and produces a 128-bit number, the hash. The same string always produces the same hash, but given a hash, it is not generally possible to determine the original string. Secure hash algorithms are useful for protecting passwords and ensuring data integrity.

This site has a JavaScript implementation of MD5, and some other secure hash algorithms. This allows web sites to perform simple cryptography on clients, enabling some useful applications:

Protecting Passwords
Without protection, passwords are vulnerable to network sniffing. An attacker could be monitoring an open wireless access point, or using a tool like tcpdump on an ethernet network. JavaScript MD5 provides basic protection of passwords, for sites that do not use SSL. more...
Generating Passwords
Most people have accounts on many different web sites. It isn't possible to remember so many passwords, so most people use the same password everywhere. If one web site suffers a security breach, or has a malicious operator, all your online accounts are at risk. Password generators help solve this problem. more...
Self-Decrypting Pages
Internet email messages are vulnerable to interception and generally considered unsuitable for confidential communication. A self-decrypting page is unreadable until the correct password is entered. Pages can be attached to emails to support confidential communication. more...

Demonstration

Input
Calculate
Result
hex_md5("message digest") = "f96b697d7cb7938d525a2f31aaf161d0"
hex_sha1("160-bit hash") = "90d925d853c3d35cd54070bb75280fefad9de9e7"

More Information

Scripts
Download the scripts, see information about their history and future plans, and links to other resources. more...
Instructions
How to use the scripts to calculate hashes. more...
Protecting Passwords
How to build a web login system that protects passwords with JavaScript MD5. more...
Advanced Authentication
More ideas for protecting passwords, to cope with some of the limitations of the basic system. more...
Other Uses
The scripts have uses besides protecting passwords. more...
Browser Test
The list of browsers and versions on which the script is known to work correctly. more...

Algorithm Information

MD5SourceSpecification
RIPEMD-160SourceSpecification
SHA-1SourceSpecification
SHA-256SourceSpecification
SHA-512SourceSpecification
HMACSpecification

Collision Weakness

In 2004, a cryptographic weakness was discovered in both the MD5 and SHA-1 algorithms. One of the design goals of secure hash algorithms is "collision resistance". In others words, someone can't find two strings that hash to the same value. Because MD5 is 128-bit, by random chance you will find a collision by producing 264 hashes. The weakness in MD5 is that a way has been found to produce such collisions with only 242 hashes, which makes producing collisions practical. In 2008 a paper was released demonstrating a collision attack that produced a false certificate authority - allowing impersonation of any SSL site on the internet. more...

While it is imperitive for ceritifcate authorities to stop issuing MD5 certificates, most uses of JavaScript hashing (e.g. protecting passwords) do not rely on the collision resistance property. These weaknesses do not create a vulnerability in such web sites. It is acceptable to continue using MD5 for such puposes, although I recommend that new sites use SHA-256 or stronger.

Users of the Script

© 1998 - 2012 Paul Johnston, distributed under the BSD License   Updated:16 May 2011