The MD5 Hash
MD5 is a hashing algorithm that produces a 128-bit (16-byte) hash from an arbitrary input of bytes. It has been found cryptographically broken and unsuitable for further use, due to the ease of finding hash collisions. A collision is a pair of different input buffers that produce the same output. Attackers can exploit this to make malicious data pass validation (called a collision attack), and tamper with machines.
The following bytes, for example, produce the same MD5 hash, even though they have slightly different values.
4dc968ff0ee35c209572d4777b721587d36fa7b21bdc56b74a3dc0783e7b9518afbfa200a8284bf36e8e4b55b35f427593d849676da0d1555d8360fb5f07fea2
4dc968ff0ee35c209572d4777b721587d36fa7b21bdc56b74a3dc0783e7b9518afbfa202a8284bf36e8e4b55b35f427593d849676da0d1d55d8360fb5f07fea2
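The pair above can be checked directly. The following Python sketch is an added example, not part of the original page: it decodes both hex strings, lists the byte offsets where they differ, and shows that an integrity check pinned to the first input's MD5 digest also accepts the second input, while the same check using SHA-256 rejects it. The function names (`digest`, `differing_offsets`, `integrity_check`, `report`) are hypothetical helpers written for this illustration.

```python
import hashlib

# The two 64-byte inputs quoted on this page, as hex.
MSG_A = bytes.fromhex(
    "4dc968ff0ee35c209572d4777b721587d36fa7b21bdc56b74a3dc0783e7b9518"
    "afbfa200a8284bf36e8e4b55b35f427593d849676da0d1555d8360fb5f07fea2"
)
MSG_B = bytes.fromhex(
    "4dc968ff0ee35c209572d4777b721587d36fa7b21bdc56b74a3dc0783e7b9518"
    "afbfa202a8284bf36e8e4b55b35f427593d849676da0d1d55d8360fb5f07fea2"
)


def digest(algorithm, data):
    """Hex digest of data. MD5 is marked non-security so FIPS builds allow it."""
    if algorithm == "md5":
        return hashlib.md5(data, usedforsecurity=False).hexdigest()  # Python 3.9+
    return hashlib.new(algorithm, data).hexdigest()


def differing_offsets(a, b):
    """Byte offsets at which two equal-length buffers differ."""
    if len(a) != len(b):
        raise ValueError("buffers must have the same length")
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]


def integrity_check(expected_hex, data, algorithm):
    """Hypothetical verifier: accept data if its digest equals the published one."""
    return digest(algorithm, data) == expected_hex


def report():
    """Pin a digest to MSG_A, then test whether MSG_B passes the same check."""
    return {
        "differing_offsets": differing_offsets(MSG_A, MSG_B),
        "md5_check_accepts_b": integrity_check(digest("md5", MSG_A), MSG_B, "md5"),
        "sha256_check_accepts_b": integrity_check(
            digest("sha256", MSG_A), MSG_B, "sha256"
        ),
    }


if __name__ == "__main__":
    for key, value in report().items():
        print(f"{key}: {value}")
```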
Uses for MD5
Hashing algorithms like MD5 are useful because they always produce the same output for the same input, but make it nearly impossible to reverse-engineer a given hash to its original input. They can be used to store passwords, banking information, and other sensitive data so that in the event of a data leak, users' information would remain safe.
Despite its proven insecurity, the hash is still widely used. In older Unix systems, for example, passwords are stored (hashed) in the publicly available /etc/passwd file using the MD5 algorithm. The SHA-2 family of algorithms is much more secure, and some of them (SHA-256, SHA-384, and SHA-512) are on this website for you to try out.