Message-Digest Algorithm 5
E830584
Message-Digest Algorithm 5 (MD5) is a widely known but now cryptographically broken hash function that produces a 128-bit hash value and was once commonly used for checksums and data integrity verification.
Statements (47)
| Predicate | Object |
|---|---|
| instanceOf | cryptographic hash function ⓘ |
| abbreviation | MD5 NERFINISHED ⓘ |
| blockSize | 512 bits ⓘ |
| category | broken cryptographic primitive ⓘ |
| chosenPrefixCollisionDemonstratedYear | 2007 ⓘ |
| collisionAttackComplexity | significantly less than 2^64 ⓘ |
| collisionResistanceStatus | broken ⓘ |
| commonlyUsedFor |
data integrity checks
ⓘ
file checksums ⓘ non-cryptographic fingerprinting ⓘ |
| compressionFunctionRounds | 64 ⓘ |
| cryptographicSecurityStatus | not recommended ⓘ |
| designedBy | Ronald Rivest NERFINISHED ⓘ |
| designGoal | improved security over MD4 ⓘ |
| designPredecessor | MD4 NERFINISHED ⓘ |
| digestLengthBytes | 16 ⓘ |
| firstCollisionPublishedYear | 2004 GENERATED ⓘ |
| hashOutputSize | 128 bits ⓘ |
| initialValueRegisterA | 0x67452301 ⓘ |
| initialValueRegisterB | 0xefcdab89 ⓘ |
| initialValueRegisterC | 0x98badcfe ⓘ |
| initialValueRegisterD | 0x10325476 ⓘ |
| internalStateSize | 128 bits ⓘ |
| notSuitableFor |
TLS certificates
NERFINISHED
ⓘ
code signing ⓘ digital signatures ⓘ password hashing ⓘ |
| numberOfRounds | 4 ⓘ |
| operatesOn | binary messages of arbitrary length ⓘ |
| outputEncodingCommonlyUsed | hexadecimal ⓘ |
| paddingMethod | bit-1 followed by zeros and length encoding ⓘ |
| practicalCollisionDemonstratedYear | 2004 ⓘ |
| preimageResistanceStatus | weakened ⓘ |
| publishedInYear | 1992 ⓘ |
| recommendationBySecurityCommunity | migrate to stronger hash functions ⓘ |
| secondPreimageResistanceStatus | weakened ⓘ |
| specifiedIn | RFC 1321 NERFINISHED ⓘ |
| standardizedBy |
Internet Engineering Task Force
ⓘ
surface form:
IETF
|
| supersededBy |
SHA-1
NERFINISHED
ⓘ
SHA-2 NERFINISHED ⓘ SHA-3 NERFINISHED ⓘ |
| usedIn | legacy applications ⓘ |
| usesMerkleDamgårdConstruction | true ⓘ |
| vulnerableTo |
chosen-prefix collision attacks
ⓘ
collision attacks ⓘ length extension attacks ⓘ |
| wordSize | 32 bits ⓘ |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.