MD5 hashing algorithm is dead, get over it!

I had a funny argument with a friend the other day about the MD5 hashing algorithm. The argument was that it had been heard that MD5 is not vulnerable to collisions. Anyone having doubts can see the great examples provided by x-ways.net (creators of WinHex) and the relevant paper.

In case the site goes dead here is an example they have:

Input vector 1:

d1 31 dd 02 c5 e6 ee c4 69 3d 9a 06 98 af f9 5c
2f ca b5 87 12 46 7e ab 40 04 58 3e b8 fb 7f 89
55 ad 34 06 09 f4 b3 02 83 e4 88 83 25 71 41 5a
08 51 25 e8 f7 cd c9 9f d9 1d bd f2 80 37 3c 5b
d8 82 3e 31 56 34 8f 5b ae 6d ac d4 36 c9 19 c6
dd 53 e2 b4 87 da 03 fd 02 39 63 06 d2 48 cd a0
e9 9f 33 42 0f 57 7e e8 ce 54 b6 70 80 a8 0d 1e
c6 98 21 bc b6 a8 83 93 96 f9 65 2b 6f f7 2a 70

Input vector 2:

d1 31 dd 02 c5 e6 ee c4 69 3d 9a 06 98 af f9 5c
2f ca b5 07 12 46 7e ab 40 04 58 3e b8 fb 7f 89
55 ad 34 06 09 f4 b3 02 83 e4 88 83 25 f1 41 5a
08 51 25 e8 f7 cd c9 9f d9 1d bd 72 80 37 3c 5b
d8 82 3e 31 56 34 8f 5b ae 6d ac d4 36 c9 19 c6
dd 53 e2 34 87 da 03 fd 02 39 63 06 d2 48 cd a0
e9 9f 33 42 0f 57 7e e8 ce 54 b6 70 80 28 0d 1e
c6 98 21 bc b6 a8 83 93 96 f9 65 ab 6f f7 2a 70
Identical MD5 value, verified with WinHex: 79054025255fb1a26e4bc422aef54eb4

If you were to put theses two hex values into a file (with a Hex Editor) and then through a MD5 hashing function and a SHA-1 hashing function you can see that MD5 produces the same result were as SHA-1 produces a different one. What is interesting is the amount of changes made. Very few. Is it doctored? I think not! Game over! …sorry if I am re-iterating an old issue, but like the media many time people need to hear about certain issues. Especially digital forensic analysts who rely upon these values for integrity and in their comparison functions.

MD5 hashing algorithm is dead, get over it! Long live the next one!! …or as long as you can that is!

Links Used:
[1] MD5 Collision – http://www.x-ways.net/md5collision.html

This entry was posted in Uncategorized. Bookmark the permalink.

4 Responses to MD5 hashing algorithm is dead, get over it!

  1. Avik says:

    MD5 hash are useful for comparing files.It is build up with small amount of binary data not more than 128 characters.But I think it is still useful for checking for integrity issues.

  2. Amrita says:

    Yes, if am not wrong it is used to check the integrity of files but i have also read this somewhere that MD5 s not suitable for applications like SSL certificates or digital signatures.

  3. Kosta Xynos says:

    I would not use/trust it!!! You are correct it is used to check file integrity and is used in SSL certificates. Recent hacking techniques have shown that it is possible to make fake SSL certificates that look legit (ie. supposedly signed from a trusted CA). For this reason the certificate authorities all made the move to stronger digest algorithms. Further reading at: http://isc.sans.org/diary.html?storyid=5590 and http://www.globalsign.com/support/md5.html and http://www.v3.co.uk/vnunet/news/2233256/verisign-addresses-ssl-flaw

  4. Debt Consolidation says:

    Apologize for my bad english, I think its a nice piece of your writing. Kind-heartedly I have faced alot of difficulties in this train but your article resolution definately relieve me in future. Offer You

Leave a Reply

Your email address will not be published. Required fields are marked *