The MD5 Hashing Algorithm

Upload: bob-landstrom

Post on 11-Apr-2017


TRANSCRIPT

Page 1: The MD5 hashing algorithm

The MD5 Hashing Algorithm

Data Protection in the Data Center

Why are we bothering with cryptography when talking about data centers? If we believe that the data center is a treasure chest for our business’ most important assets, then we have to realize the importance and the role of cryptography for:

a) Maintaining the integrity of data
b) Protecting data privacy, especially with new regulatory constraints
   - In Motion, In Use, and At Rest

Hashing Algorithms and Cryptography

Hashing algorithms (or hashing functions) are not technically encryption algorithms at all. They are, though, an essential component of cryptography, along with symmetric and asymmetric encryption algorithms. Hashing algorithms are also known as message-digest algorithms.

Message Digest: Data Fingerprint

Message-digest algorithms are mathematical functions that transform a data string of arbitrary length into a new string of data of fixed length (128 bits, in this case). The output of the algorithm can be thought of as a “fingerprint” of the input data. That is, it is a unique representation of the input data.

Important Points:

1) It should be impossible to have two different versions of the input data that return the same output data.
2) It cannot be reversed! It should be impossible to produce the input value even if you know the output value. It’s a one-way function!

Origins of the MD5 Algorithm

The MD5 hashing algorithm was created in the early 1990s, and is one of a family of message-digest algorithms. Several of these (the later versions) were developed by Ronald Rivest. Who is Ron Rivest? Well, Ron Rivest is a cryptographer with significant contributions to the field. He is a professor at the Massachusetts Institute of Technology. He’s also one of the inventors of the RSA algorithm (the “R” in RSA), as well as the RC cipher algorithms. He’s a giant in the cryptography world.

How does MD5 work?

The MD5 algorithm first divides the input data into blocks of 512 bits each. 64 bits recording the length of the original input are inserted at the end of the last block. If the last block is less than 512 bits, some extra bits are ‘padded’ to the end. The algorithm consists of a set of buffers and tables to combine and shift the data through five computational steps. Four rounds of computations are done to compute the hash of the input value. See my blog article for a more detailed explanation; it’s just too much for a slide. MD5 is quite computationally efficient (it’s fast) compared to other hashing functions.
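The steps above, written out as an added example that is not part of the original slides: a compact Python implementation of MD5 following RFC 1321, showing the padding, the 64-bit length field, the 512-bit block split, and the four rounds of 16 steps. The function names `md5_pad`, `rotl`, and `md5_hex` are chosen here for illustration.

```python
import math
import struct

# Left-rotate amounts from RFC 1321: one group of four per round, 16 steps per round.
SHIFTS = ([7, 12, 17, 22] * 4 + [5, 9, 14, 20] * 4 +
          [4, 11, 16, 23] * 4 + [6, 10, 15, 21] * 4)
# 64-entry constant table: floor(2^32 * |sin(i + 1)|).
SINES = [int(abs(math.sin(i + 1)) * 2**32) & 0xFFFFFFFF for i in range(64)]
# Initial values of the four 32-bit state buffers A, B, C, D.
INIT = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476)


def md5_pad(message: bytes) -> bytes:
    """Append 0x80, then zeros up to 56 mod 64 bytes, then the 64-bit bit length."""
    bit_len = (8 * len(message)) & 0xFFFFFFFFFFFFFFFF
    padded = message + b"\x80"
    padded += b"\x00" * ((56 - len(padded)) % 64)
    return padded + struct.pack("<Q", bit_len)  # length is little-endian


def rotl(x: int, n: int) -> int:
    """Rotate a 32-bit value left by n bits."""
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF


def md5_hex(message: bytes) -> str:
    state = list(INIT)
    padded = md5_pad(message)
    for off in range(0, len(padded), 64):            # one 512-bit block at a time
        words = struct.unpack("<16I", padded[off:off + 64])
        a, b, c, d = state
        for i in range(64):                          # four rounds of 16 steps
            if i < 16:
                f, g = (b & c) | (~b & d), i
            elif i < 32:
                f, g = (d & b) | (~d & c), (5 * i + 1) % 16
            elif i < 48:
                f, g = b ^ c ^ d, (3 * i + 5) % 16
            else:
                f, g = c ^ (b | ~d), (7 * i) % 16
            f = (f + a + SINES[i] + words[g]) & 0xFFFFFFFF
            a, d, c, b = d, c, b, (b + rotl(f, SHIFTS[i])) & 0xFFFFFFFF
        # Add this block's result into the running state (mod 2^32).
        state = [(s + v) & 0xFFFFFFFF for s, v in zip(state, (a, b, c, d))]
    return struct.pack("<4I", *state).hex()          # 128-bit digest as hex
```

A 56-byte input is the edge case worth trying: the padding no longer fits in the same block, so `md5_pad` returns 128 bytes and the length field lands in a second block.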

Collisions

In cryptography, a “collision” is when two distinct input values produce the same hash. This is bad, because if there are collisions then the algorithm can be compromised. Collisions are flagged when one is actually demonstrated, or when it’s shown that the costs (in time and computing resources) of producing a collision are reasonably within reach. In 1996, collisions were found in MD5. Further exploits were demonstrated through the beginning of the 21st century. This led to a search for other (stronger) hashing algorithms, but MD5 is still in widespread use today.

MD5 in Action

MD5 is in widespread use in the Transport Layer Security (TLS) protocol on which HTTPS is based. In fact, even though collisions were found with MD5 as early as 1996, it was still included in TLS as late as 2008. That said, MD5 was banned at that time in TLS certificates but not for other aspects of TLS. Researchers have devised attacks taking advantage of these weaknesses. Such techniques are called Security Losses from Obsolete and Truncated transcript Hashes, or SLOTH. With significant but easily obtainable (approximately 50 cores) computing power, impersonation attacks can be conducted on TLS-based web sites and applications.

boblandstrom.com @DataCenterBob

RUINED FOR ORDINARY...