1 / 12

MD5 & Hash Encryption

MD5 & Hash Encryption. By Alex Buzak. Overview. Purpose of MD5 and Hash Encryptions Examples MD5 Algorithm Explanation of Possible Security Risks Practical Applications Through Code Possible Future Security Risks. Macintosh MD5 Terminal Execution. [location] md5 attr. (word/file)

MikeCarlo
Download Presentation

MD5 & Hash Encryption

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. MD5 & Hash Encryption By Alex Buzak

  2. Overview • Purpose of MD5 and Hash Encryptions • Examples • MD5 Algorithm • Explanation of Possible Security Risks • Practical Applications Through Code • Possible Future Security Risks

  3. Macintosh MD5 Terminal Execution [location] md5 attr. (word/file) Attributes: -s indicates string input, not file! ex. md5 -s test -r reverses print of hash/word ex md5 -r -s test -q overrides -r, only md5 sum printed ex md5 -q -s test -t built-in time test ex md5 -t Other Attributes: [-p -x] Note: -s must be the last attribute or it will think everything past is the string

  4. Windows md5 Command Line Execution Not Built In To Windows Command Line Example md5sum [filename] Ex: C:/md5sum test.txt [Or wherever the md5sum.exe is located] -b Reads Files In Binary Mode -c Checks Digest Against Given List -w Warns About Improperly Formatted md5 Checksums

  5. Difficulty In Cracking • Md5, with its 128bit encryption algorithm has 1,280,000,000,000,000,000 possible combinations. • Even if the exact same hash value found, possible other string combination could have created it. • It is considered that the md5 message digest would take an unrealistic time to crack via brute force attack.

  6. MD5 Completely Secure? It most definitely is a better algorithm than its predecessors, however, flaws do allow for exploits to the system. Although it is likely that there are more than the two types of cracking techniques that I have been able to find, I shall only discuss the two most widely known.

  7. Possible Techniques • Brute Force (easiest, but success low) • A brute force attack simply tries all possible combinations, until it finds the correct solution. • Collision Checking (harder to implement) • Collision checking is the attempt to find two different inputs to the md5 algorithm which create the same generated hash.

  8. Digital Signatures (Authentication) Certificates One-Way Encryption Secure storage of information that does not need to be deciphered. Uses of MD5 Encryption

  9. Digital Signatures Possibly the best reason for having an md5 algorithm is for the use of digital signatures. They allow other people to digitally verify that whatever document they received is actually authentic and not tampered with. Couldn’t find any free software to create digital signatures, or source code to hardcode it into any language. Therefore I can’t show any examples of digital signatures or certificates in use.

  10. Collisions As Security Hazard Collisions are the main hazard when dealing with the md5 algorithm, as collisions, or two files that produce the same hash signature. To verify a document, a md5 hash of the file is created and sent along with the document as a certificate. When the other user receives the file, it is certified to either be the original, or a tampered with document. This is done by hashing the file again upon arrival, and comparing the two hash signatures. If they match, the document is said to be authentic.

  11. Therefore, if someone were to be able to create another document with completely different content, but producing the same hash signature, it would still be said to be authentic.

  12. Easy to use Widely used Considered secure Difficult to crack Is susceptible to brute force attacks Hash collisions is a known flaw Quantum computers would make such an algorithm worthless Pros/Cons MD5

More Related