MD5 is a secure hash algorithm. It takes a string as input, and produces a 128-bit number, the hash. The same string always produces the same hash, but given a hash, it is not generally possible to determine the original string. Secure hash algorithms are useful for protecting passwords and ensuring data integrity.
This site has a JavaScript implementation of MD5, and some other secure hash algorithms. This allows web sites to perform simple cryptography on clients, enabling some useful applications:
- Protecting Passwords
- Without protection, passwords are vulnerable to network sniffing. An attacker could be monitoring an open wireless access point, or using a tool like tcpdump on an ethernet network. JavaScript MD5 provides basic protection of passwords, for sites that do not use SSL. more...
- Generating Passwords
- Most people have accounts on many different web sites. It isn't possible to remember so many passwords, so most people use the same password everywhere. If one web site suffers a security breach, or has a malicious operator, all your online accounts are at risk. Password generators help solve this problem. more...
- Self-Decrypting Pages
- Internet email messages are vulnerable to interception and generally considered unsuitable for confidential communication. A self-decrypting page is unreadable until the correct password is entered. Pages can be attached to emails to support confidential communication. more...
Demonstration
| Input | |
|---|---|
| Calculate | |
| Result |
hex_md5("message digest") = "f96b697d7cb7938d525a2f31aaf161d0" hex_sha1("160-bit hash") = "90d925d853c3d35cd54070bb75280fefad9de9e7"
More Information
- Scripts
- Download the scripts, see information about their history and future plans, and links to other resources. more...
- Instructions
- How to use the scripts to calculate hashes. more...
- Protecting Passwords
- How to build a web login system that protects passwords with JavaScript MD5. more...
- Advanced Authentication
- More ideas for protecting passwords, to cope with some of the limitations of the basic system. more...
- Other Uses
- The scripts have uses besides protecting passwords. more...
- Browser Test
- The list of browsers and versions on which the script is known to work correctly. more...
Algorithm Information
| MD5 | Source |  Specification |
|---|---|---|
| RIPEMD-160 | Source | Specification |
| SHA-1 | Source | Specification |
| SHA-256 | Source | Specification |
| SHA-512 | Source | Specification |
| HMAC | Specification |
Collision Weakness
In 2004, a cryptographic weakness was discovered in both the MD5 and SHA-1 algorithms. One of the design goals of secure hash algorithms is "collision resistance". In others words, someone can't find two strings that hash to the same value. Because MD5 is 128-bit, by random chance you will find a collision by producing 264 hashes. The weakness in MD5 is that a way has been found to produce such collisions with only 242 hashes, which makes producing collisions practical. In 2008 a paper was released demonstrating a collision attack that produced a false certificate authority - allowing impersonation of any SSL site on the internet. more...
While it is imperitive for ceritifcate authorities to stop issuing MD5 certificates, most uses of JavaScript hashing (e.g. protecting passwords) do not rely on the collision resistance property. These weaknesses do not create a vulnerability in such web sites. It is acceptable to continue using MD5 for such puposes, although I recommend that new sites use SHA-256 or stronger.
Users of the Script
- Yahoo used it for non-SSL logins, around 2001 - 2006.
- Verizon wireless routers use it for admin logins.
- Guardian Unlimited use it for registered user login.
- Paradigm Healthcare use it for admin logins. One of their engineers contributed a bug fix to the base-64 routines.
- The Captchas project.
- vBulletin
- netjukebox. The live demo uses the alternative login system.
