MD5
MD5 (Message-Digest Algorithm 5) is a message digest algorithm (and cryptographic hash function) with a 128-bit hash value and is one of a series of message digest algorithms designed by professor Ronald Rivest of MIT. When some analytic work indicated that MD5's predecessor, MD4, was likely to be insecure, MD5 was designed in response. This indication was subsequently confirmed when concrete weaknesses were found in MD4.MD5 has been widely used, and was originally thought to be cryptographically secure. However, work in Europe in 1994 uncovered weaknesses which make further use of MD5 questionable. Specifically, it has been shown that special pairs of messages can be generated which have the same hash. Unlike MD4, it is still thought to be very difficult to produce a message with a given hash. In 2004, a distributed project with the name MD5CRK was initiated to demonstrate that MD5 is insecure by finding a collision.
MD5 checksums are commonly encoded as a 32-digit hexadecimal number. A sample looks like this (uses characters 0-9, a-f):
34048ce4cd069b624f6e021ba63ecde5The MD5 checksum (or md5sum) of nothing is:
d41d8cd98f00b204e9800998ecf8427e
| Table of contents |
|
2 See also 3 External links |
Integrity checking
MD5 checksums are widely used in the free software world to provide assurance that a downloaded file is unaltered. By verifying a published MD5 sum's PGP signature, and then comparing a publicized MD5 sum with the checksum of a downloaded file, a user can be sure that the file is the same as that offered by the developers. This protects against trojan horses and computer viruses.
To check the integrity of a downloaded file (i.e. an ISO image), download the MD5SUM file in same folder as the file you want to verify and use an MD5 utility to compare the MD5 sum of the file to the one you got off a trusted source. On Unix and Linux systems, the md5sum command is an example of such a utility.
See also
External links