Talk:MD5

This is the talk page for discussing improvements to the MD5 article.
This is not a forum for general discussion of the article's subject.

Put new text under old text. Click here to start a new topic.
Sign your posts by typing four tildes (~~~~).
New to Wikipedia? Welcome! Learn to edit; get help.

Article policies

Find sources: Google (books · news · newspapers · scholar · free images · WP refs) · FENS · JSTOR · NYT · TWL

Archives: 1

WikiProject Cryptography / Computer science

(Rated C-class, Top-importance)

	v t e This article is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
C	This article has been rated as C-Class on the quality scale.
Top	This article has been rated as Top-importance on the importance scale.
	This article is supported by WikiProject Computer science (marked as Top-importance).

WikiProject Computing / Networking / Software / Websites / CompSci / Security

(Rated C-class, Mid-importance)

This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.

C

This article has been rated as C-Class on the project's quality scale.

Mid

This article has been rated as Mid-importance on the project's importance scale.

This article is supported by Networking task force (marked as Mid-importance).

This article is supported by WikiProject Software (marked as High-importance).

This article is supported by WikiProject Websites (marked as High-importance).

This article is supported by WikiProject Computer science (marked as Mid-importance).

This article is supported by WikiProject Computer Security (marked as High-importance).

Things you can help WikiProject Computer science with:

Here are some tasks awaiting attention:

Article requests :
- Requested articles/Applied arts and sciences/Computer science, computing, and Internet
Cleanup :
- Computer science articles needing attention
- Computer science articles needing expert attention
Copyedit :
- Computing
Expand :
- Computer science
Infobox :
- Computer science articles without infoboxes
Maintain :
- Timeline of computing 2020–2029
Photo :
- Find pictures for the biographies of computer scientists (see List of computer scientists)
- Computing articles needing images
Stubs :
- Computer science stubs
Unreferenced :
- WikiProject Computer science/Unreferenced BLPs
Project-related :
- Tag all relevant articles in Category:Computer science and sub-categories with {{WikiProject Computer science}}

Things you can help WikiProject Computer Security with:

Answer question about Same-origin_policy
Review importance and quality of existing articles
Identify categories related to Computer Security
Tag related articles
Identify articles for creation (see also: Article requests)
Identify articles for improvement
Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc.
Find editors who have shown interest in this subject and ask them to take a look here.

WikiProject Internet

(Rated C-class, Mid-importance)

	Internet portal v t e This article is within the scope of WikiProject Internet, a collaborative effort to improve the coverage of the Internet on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
C	This article has been rated as C-Class on the project's quality scale.
Mid	This article has been rated as Mid-importance on the project's importance scale.

To-do list for MD5: edit · history · watch · refresh · Updated 2011-07-28

Summarise results of Berson
Complete the (non-pseudocode) description of the MD5 algorithm
Add information about md5x one step to double md5 hashes

Priority 3

This talk page is automatically archived by Lowercase sigmabot III. Any threads with no replies in 90 days may be automatically moved. Sections without timestamps are not archived.

Figure wrong[edit]

The figure uses the part of the message M_i.

But in the code and the RFC it is M_g with g either i, (5i + 1) mod 16, (3i + 5) mod 16 or (7i) mod 16.

Additionally the rotation of inside the figure should be s_i an not s only

I cannot correct the wrong Mi in figure but maybe someone else can.--158.64.4.213 (talk) 10:10, 15 March 2019 (UTC)

Comment on content management systems is irrelevant[edit]

The section on MD5 security notes "As of 2019, one quarter of widely used content management systems were reported to still use MD5 for password hashing."

However, this is irreverent, because the security of password hashes are not impacted by collisions, they are impacted by the speed of hashing. MD5 is a very fast hash, so it's no longer appropriate for password hashing. I propose moving this to another section, and will probably do so within a few days unless I hear otherwise. Simsong (talk) 01:40, 11 September 2020 (UTC)

Pseudocode OK ?[edit]

I tried to implement the pseudocode but I couldn't reproduce the results. (EDITED) Now I succeeded and share what might be ambiguous:

append "1" bit to messsage means that you actually append a byte 128 if the message was/is cut into bytes.
append the original length in bits mod 2^64: It means that the last (512 - 448) bit or 64 - 56 = 8 byte of the padded message are filled with that number, ((number of bytes in original text) MOD 2^61) * 8, padded to length of 8 byte, little endian.
E.g., for "The quick (...) lazy dog" (length = 43 byte = 344 bit), this would be (88, 1, 0, 0, 0, 0, 0, 0) for 1*256 + 88 = 344.
Thus, the padded message would be, written in bytes: [84 (='T'), 104(='h'), 101(='e'), ..., 100(='d'), 111, (='o'), 103(='g'), 128, 0 ... 0, 81, 1, 0, 0, 0, 0, 0, 0].
Ignore the instruction "Be wary of the below definition...". I assume it means "take into account", but how could we anyway anticipate at that point assignments that occur at a later moment?! Just ignore.
The "digest": a0 append ... append d0 // (output is in little endian):
If, in the end, a0 = 1, b0 = 2, c0 = 3, d0 = 4, the output should be "01000000020000000300000004000000"!
Most of it all, the 16 32-bit words M[j] correspond each to 4 consecutive bytes of the message scrambled by reading the chunk in little endian!
So for the above phrase, M[0] = ' '<<24 + 'e'<<16 + 'h'<<8 + 'T', M[1] = 'c'<<24 + 'i'<<16 + 'u'<<8 + 'q', etc. (Mnemonic: little endian is the most counter-intuitive and inconsistent convention you could think of. To make it worse, it is the opposite of what its name suggests! The 'litte' bit (LSB) is not at the end (as in "endian"), but at the beginning - speaking of the least significant byte. The least and most significant bits aren't on either side, but somewhere inside! Congrats on your choice, guys!)

~~Thanks if others can confirm any part of this interpretation.~~ — MFH:Talk 19:09, 2 October 2020 (UTC)

Talk:MD5

Figure wrong[edit]

Comment on content management systems is irrelevant[edit]

Pseudocode OK ?[edit]

Navigation menu

Search