THE MD5 ENCRYPTION & DECRYPTION

TECHNIQUE

BY
JATIN KUMAR (18BCB0072)
MRIYANK KUMAR SINGH (18BCE0248)
PRABHAKAR KUMAR (18BCE0194)
SLOT – B1

ABSTRACT
MD5 or Message-Digest algorithm 5 is a type of cryptographic hash function that is
generally used together with a 128-bithash value. It is commonly expressed as 32-
digit hexadecimal number. The Message-Digest (MD) algorithm 5 Professor was
created and developed by Ronald L. Rivest from MIT, which is the third version of
Message Digest (The previous encryptions of this category were the MD2 and MD4)
and quite similar to MD5 with respect to structure.
Rivest produced this product for the purpose of using MD5 with digital signature
applications. A Digital signature program includes compression of large-sized files
using safest method possible before it undergoes encryption using a password, which
is under a public key cryptosystem. Today, MD5 algorithm is widely used in the
process of assessing the authenticity of certain files. The procedure of verification
occurs in such a way that a 128-bit-message-digest of any length is formed based on
a primary data input. This is considered to be exclusive to just a single data and it
acts as an individual fingerprint as well. MD5 has been widely used in the software
world to provide some assurance that a transferred file has arrived. But now days, it
is quite easy to generate MD5 collisions, and so far, it is possible for the person who
created the file to create a second file with the same checksum, so the file can be
protected against some forms of malicious tampering.

INTRODUCTION
MD5 encryption is always mentioned when we discuss over the topic of
Cryptography. Message-Digest algorithm 5, more commonly known as MD5, is a
type of cryptographic hash function that is generally used together with a 128- bit
hash value. MD5 is greatly utilized in different security functions as identified in the
standard Internet Engineering Task Force (IETF). According to the experts, MD5
hash is commonly expressed as 32-digit Hexadecimal number. MD5 is somewhat
slower than that of MD4 algorithm, but is more securely and conservatively
designed.
History of MD5
MD5 is an algorithm developed by Professor Ronald Rivest of MIT University in
the series of Message-Digest Algorithms. When statistics and analytics indicated
that the predecessor of MD5, i.e. MD4 algorithm is quite insecure and vulnerable,
MD5 was designed in 1991to be more securable and conservative replacement
against attacks. In 1993, Dan Boer and Bosselaers were succeeded partially in
finding that two different initialization vectors produce an identical digest.In 1996,
Dobbertin announced a collision of compression functionof MD5 algorithm. This
was actually not an attack over thewhole MD5 function but it suggested considering
any better cryptographic replacement for use.

Hash function
A hash function is any well-defined function which converts large amount of data
into a small data representation.
The Hash Function returns a calculated value known as hash values, hash codes,
hash sums, checksums or hashes.
Hash functions are most commonly used for searching the data or for tasks like
comparison, finding items in large databases, detecting similar or duplicate records
in large files, etc. Hash functions are also used in hash tables to quickly locate the
data, used to build cache for large data.

Algorithm

How to encrypt in MD5?

• The MD5 algorithm is an extension of the MD4 message-digest algorithm.
• Let us suppose that we are giving an input message of b-bit and we want to
find its message digest. Here, b is an arbitrary integer which can be equal to
greater than zero but no less than zero. Therefore, let the bits of the input
message be as follows:
m0 m1 m2 ... m(b-1)
 • The MD5 Algorithm takes in concern the following steps to compute the
message digest of the given input message:

1. Padding the input message.

The b-bit message is extended or more specifically
“padded”, so that its length reaches 448 bits, which is 64
bits fewer than a multiple of 512 bits. The padding is performed by appending a
single “1” bit to the input message, and then “0” bits are appended so that the
length in bits of the padded message becomes equal to
448 bits.

2. Append 64-bit number.

Now, the length of the input message is converted to 64-bit representation and then
it is appended to the previous result.
After this processing, the resulting message of padded bits and b, has a length that
is an exact multiple of 512 bits. Also, this message has a length that is an exact
multiple of 16 (32-bit) words. Thus, m [0 ... n-1] denote the words of the resulting
message, where n is a multiple of 16.

3. Message-Digest Buffer is initialized.

A 4-word buffer (A,B,C,D) is used to compute the message digest.
Here, each of A, B, C, D is a 32-bit register. These registers are initialized to the
following values in hexadecimal:
word A: 01 23 45 67
word B: 89 ab cd ef word C: fe dc ba 98 word D: 76 54 32 10

4. Processing of each 16-Word Blocks:

Firstly, four functions are defined that take as input three 32-bit words and result in
an output of one 32-bit word. They are as follows:
F(B,C,D)=(B∧C)∨(¬B∧D)

G(B,C,D)=(B∧D)∨(C∧¬D)

H(B,C,D)=B⊕C⊕D

I(B,C,D)=C⊕(B∨¬D)

Figure 1 One MD5 operation. MD5 consists of 64 of these operations, grouped in four rounds of 16 operations. F is a nonlinear
function; one function is used in each round. Mi denotes a 32-bit block of the message input, and Ki denotes a 32-bit constant,
different

How to decrypt MD5 cipher?

The MD5 is based on non-linear (and sometimes non-reversible) functions, so there
is no decryption method. However, brute method, the most basic but also the longest
and most costly method, is to test one by one all the possible words in a given
dictionary to check if their fingerprint is the matching one. dCode uses its databases
of words (2 million potential passwords) whose MD5 hash has already been pre-
calculated. These tables are called rainbow tables.

MD5 – APPLICATIONS AND USES

• Some File Servers provide a pre-computed MD5 (called MD5sum) for their
files, so that one can compare the checksum or hash string of the downloaded
file with it.
• Message-Digest is widely used in different softwares to provide some
assurance that a transferred file has arrived intact.
• MD5 can also be used to store passwords
Code:
Index.php
<!DOCTYPE html>
<head><title>MD5 Cracker</title></head>
<body>
<h1>MD5 cracker</h1>
<p>This application takes an MD5 hash
of a four digit pin and check all 10,000 possible
4 digits PINs to determine the pin.</p>
<pre>
Debug Output:
<?php
$goodtext = "Not found";
if ( isset($_GET['md5']) ) {
$time_pre = microtime(true);
$md5 = $_GET['md5'];

$txt = "0123456789";
$show = 15;

for($i=0; $i<strlen($txt); $i++ ) {

$ch1 = $txt[$i];
for($j=0; $j<strlen($txt); $j++ ) {
$ch2 = $txt[$j];
for($k=0; $k<strlen($txt); $k++ ) {
$ch3 = $txt[$k];
for($l=0; $l<strlen($txt); $l++ ) {
$ch4 = $txt[$l];

$try = $ch1.$ch2.$ch3.$ch4;

$check = hash('md5', $try);

if ( $check == $md5 ) {
$goodtext = $try;
break;
}

if ( $show > 0 ) {
 print "$check $try\n";
$show = $show - 1;
}
}
}
}
}

$time_post = microtime(true);
print "Elapsed time: ";
print $time_post-$time_pre;
print "\n";
}
?>
</pre>

<p>Original Text: <?= htmlentities($goodtext); ?></p>

<form>
<input type="text" name="md5" size="60" />
<input type="submit" value="Crack MD5"/>
</form>
<ul>
<li><a href="index.php">Reset</a></li>
<li><a href="md5.php">MD5 Encoder</a></li>
<p>18BCE0248<br>18BCE0194<br>18BCB0072</p>
</ul>
</body>
</html>

Makecode.php
<?php
$error = false;
$md5 = false;
$code = "";
if ( isset($_GET['code']) ) {
$code = $_GET['code'];
if ( strlen($code) !=4 ) {
$error = "Input must be exactly 4 digits PIN";
} else if ( $code[0] < "0" || $code[0] > "9" ||
$code[1] < "0" || $code[1] > "9"
|| $code[2] <"0" || $code[2] > "9" ||
$code[3] < "0" || $code[3] > "9") {
$error = "Input must contains digits";
} else {
$md5 = hash('md5', $code);
}
}
?>
<!DOCTYPE html>
<head><title>vit</title></head>
<body>
<h1>MD5 PIN Maker</h1>
<?php
if ( $error !== false ) {
print '<p style="color:red">';
print htmlentities($error);
print "</p>\n";
}
if ( $md5 !== false ) {
print "<p>MD5 value: ".htmlentities($md5)."</p>";
}
?>
<p>Please enter 4 digit PIN.</p>
<form>
<input type="number" name="code" value="<?= htmlentities($code) ?>"/>
<input type="submit" value="Compute MD5 for CODE"/>
</form>
<p><a href="makecode.php">Reset</a></p>
<p><a href="index.php">Back to Cracking</a></p>
</body>
</html>

Md5.php
<?php
$md5 = "Not computed";
if ( isset($_GET['encode']) ) {
$md5 = hash('md5', $_GET['encode']);
}
?>
<!DOCTYPE html>
<head><title>vit MD5</title></head>
<body>
<h1>MD5 Maker</h1>
<p>MD5: <?= htmlentities($md5); ?></p>
<form>
<input type="text" name="encode" size="40" />
<input type="submit" value="Compute MD5"/>
</form>
<p><a href="md5.php">Reset</a></p>
<p><a href="index.php">Back to Cracking</a></p>
</body>
</html>
Demonstration

Why MD5 is still used widely?

• An MD5 exposure is well documented and it remains distributed in its usage.
• MD5 is used as a checksum hash function because it is very fast and collision
is very low in ratio and if collision is possible then that is not a big problem.
MD5 is very quick to create.
• For unskilled tasks MD5 hash is good enough.
• For example, if we download an e-book from a trusted mirror and want to
check whether the file that has been downloaded is correct or not, we can do
it so by generating the MD5 hash of it. Then compare the hash with the
generated hash of the file.
Conclusion
We can conclude that MD5Algorithmis widely used cryptographic hash function
and often used in checking file integrity, saving passwords, generating hash
functions, etc.MD5 was developed with a view of getting more secure environment
than its predecessor, MD4. It is the third in its category of message-digest.

References
[1]. “MD5 Algorithm” http://en.wikipedia.org/wiki/MD5
[2]. “The purpose of Cryptography”
http://www.garykessler.net/library/crypto.html#purpose
[3] “MD5, Message-Digest Algorithm”
http://www.networksorcery.com/enp/data/md5.htm
[4]. “RFC 1321 -The MD5 Message-Digest Algorithm”
http://www.faqs.org/rfcs/rfc1321.htm
[5]. “php md5 function”
https://www.php.net/manual/en/function.md5.php