CRAM-MD5
E210079
CRAM-MD5 is a challenge–response authentication mechanism that uses MD5 hashing to securely verify a user's identity without transmitting their password in plaintext.
All labels observed (2)
| Label | Occurrences |
|---|---|
| DIGEST-MD5 | 2 |
| CRAM-MD5 canonical | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T1887966 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: CRAM-MD5 Context triple: [fetchmail, supportsProtocol, CRAM-MD5]
-
A.
MD5
MD5 is a widely known but now cryptographically broken 128-bit hash function formerly used for checksums, data integrity, and security applications.
-
B.
HMAC
HMAC (Hash-based Message Authentication Code) is a cryptographic construction that combines a secret key with a hash function to provide data integrity and authentication.
-
C.
Merkle–Damgård construction
The Merkle–Damgård construction is a fundamental method for building collision-resistant cryptographic hash functions from fixed-size compression functions, used in many classic hash algorithms like MD5 and SHA-1.
-
D.
CRC
CRC is the widely ratified United Nations human rights treaty that sets out the civil, political, economic, social, and cultural rights of all children.
-
E.
Poly1305
Poly1305 is a high-speed message authentication code (MAC) algorithm commonly used with stream ciphers like ChaCha20 to provide data integrity and authenticity.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: CRAM-MD5 Target entity description: CRAM-MD5 is a challenge–response authentication mechanism that uses MD5 hashing to securely verify a user's identity without transmitting their password in plaintext.
-
A.
MD5
MD5 is a widely known but now cryptographically broken 128-bit hash function formerly used for checksums, data integrity, and security applications.
-
B.
HMAC
HMAC (Hash-based Message Authentication Code) is a cryptographic construction that combines a secret key with a hash function to provide data integrity and authentication.
-
C.
Merkle–Damgård construction
The Merkle–Damgård construction is a fundamental method for building collision-resistant cryptographic hash functions from fixed-size compression functions, used in many classic hash algorithms like MD5 and SHA-1.
-
D.
CRC
CRC is the widely ratified United Nations human rights treaty that sets out the civil, political, economic, social, and cultural rights of all children.
-
E.
Poly1305
Poly1305 is a high-speed message authentication code (MAC) algorithm commonly used with stream ciphers like ChaCha20 to provide data integrity and authenticity.
- F. None of above. chosen
Statements (47)
| Predicate | Object |
|---|---|
| instanceOf |
SASL mechanism
ⓘ
authentication mechanism ⓘ challenge–response authentication mechanism ⓘ |
| advantageOver | PLAIN without TLS ⓘ |
| authenticationProperty |
does not transmit password in plaintext
ⓘ
provides replay protection via challenge–response ⓘ |
| basedOn | HMAC-like keyed hashing with MD5 ⓘ |
| category |
application-layer authentication
ⓘ
password-based authentication ⓘ |
| challengeFormat | base64-encoded string ⓘ |
| comparedTo | PLAIN ⓘ |
| definedBy | Internet Engineering Task Force ⓘ |
| definedIn | RFC 2195 ⓘ |
| digestComputation | MD5 of (password XOR pads concatenated with challenge) ⓘ |
| introducedYear | 1997 ⓘ |
| operatesAtLayer | application layer ⓘ |
| passwordStorageRequirement | server must store plaintext-equivalent secrets ⓘ |
| primaryPurpose |
prevent password disclosure in plaintext
ⓘ
user authentication ⓘ |
| protocolPhase | authentication phase ⓘ |
| recommendedUsage | discouraged for new designs ⓘ |
| relatedTo |
APOP
ⓘ
CRAM-MD5 self-linksurface differs ⓘ
surface form:
DIGEST-MD5
|
| requires |
server knowledge of plaintext password or equivalent secret
ⓘ
support from both client and server ⓘ |
| responseFormat | username and digest ⓘ |
| securityLimitation |
depends on MD5 which is considered cryptographically broken
ⓘ
does not provide channel encryption ⓘ does not provide mutual authentication by default ⓘ vulnerable if server password database is compromised ⓘ |
| securityProperty | resistant to passive eavesdropping of password ⓘ |
| standardStatus | historic ⓘ |
| status | legacy mechanism ⓘ |
| typicalDeployment | legacy mail servers ⓘ |
| usedInContext |
SASL authentication exchange
ⓘ
email authentication ⓘ |
| usedInProtocol |
IMAP
ⓘ
POP3 ⓘ SMTP ⓘ |
| uses |
client-generated response
ⓘ
server-generated challenge ⓘ shared secret password ⓘ |
| usesAlgorithm | MD5 ⓘ |
| usesCryptographicPrimitive | hash function ⓘ |
| usesHashFunction | MD5 ⓘ |
| weakerThan |
SCRAM-SHA-1
ⓘ
SCRAM-SHA-256 ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: CRAM-MD5 Description of subject: CRAM-MD5 is a challenge–response authentication mechanism that uses MD5 hashing to securely verify a user's identity without transmitting their password in plaintext.
Referenced by (3)
Full triples — surface form annotated when it differs from this entity's canonical label.