The MD5 hashing algorithm

datacenterbob 2,966 views 9 slides Nov 23, 2016

About This Presentation

An introduction to the MD5 Hashing Algorithm and its importance in the data center as an essential component of cryptography. http://boblandstrom.com


Slide Content

The MD5 Hashing Algorithm

Data Protection in the Data Center
Why are we bothering with cryptography when talking about data centers?

If we believe that the data center is a treasure chest for our business’ most important
assets, then we have to realize the importance and the role of cryptography for:

a) Maintaining the integrity of data
b) Protecting data privacy, especially with new regulatory constraints
- In Motion, In Use, and At Rest

Hashing Algorithms and Cryptography
Hashing algorithms (or hashing functions) are not technically encryption algorithms
at all.

They are, though, an essential component of cryptography, along with symmetric
encryption and asymmetric encryption algorithms.

Hashing algorithms are also known as message-digest algorithms.

Message Digest: Data Fingerprint
Message-Digest algorithms are mathematical functions that transform a data string
of arbitrary length into a new string of data of fixed length (128 bits, in this case).

The output of the algorithm can be thought of as a “fingerprint” of the input data.
That is, it is a unique representation of the input data.

Important Points:

1) It should be impossible to have two different versions of the input data that
return the same output data.
2) It cannot be reversed! It should be impossible to produce the input value even if
you know the output value. It’s a one-way function!

Origins of the MD5 Algorithm
The MD5 hashing algorithm was created in the early 1990s, and is one of a family of
Message-Digest algorithms. Several of these (the later versions) were developed by
Ronald Rivest.

Who is Ron Rivest? Well, Ron Rivest is a cryptographer with significant
contributions to the field. He is a professor at the Massachusetts Institute of
Technology. He’s also one of the inventors of the RSA Algorithm (the “R” in RSA), as
well as the RC cipher algorithms. He’s a giant in the cryptography world.

How does MD5 work?
The MD5 algorithm first divides the input data into blocks of 512 bits each. 64 bits
recording the length of the original input are inserted at the end of the last block. If the
last block is less than 512 bits, some extra bits are ‘padded’ to the end.

The algorithm consists of a set of buffers and tables to combine and shift the data
through five computational steps. Four rounds of computations are done to compute
the hash of the input value.

Look at my blog article for a more detailed explanation. It’s just too much for a slide.

MD5 is quite computationally efficient (it’s fast), compared to other hashing functions.

Collisions
In cryptography, a “collision” is when two distinct input values produce the same
hash. This is bad, because if there are collisions then the algorithm can be
compromised.

Collisions are flagged when one is actually demonstrated, or when it’s shown that
the costs (in time and computing resources) of producing a collision are reasonably
within reach.

In 1996, collisions were found in MD5. Further exploits were demonstrated through
the beginning of the 21st century.

This led to a search for other (stronger) hashing algorithms, but MD5 is still in
widespread use today.

MD5 in Action
MD5 is in widespread use in the Transport Layer Security (TLS) protocol on which
HTTPS is based.

In fact, even though collisions were found with MD5 as early as 1996, it was still
included in TLS as late as 2008. That said, MD5 was banned at that time in TLS
certificates but not for other aspects of TLS.

Researchers have devised attacks taking advantage of these weaknesses. Such
techniques are called Security Losses from Obsolete and Truncated transcript
Hashes, or SLOTH. With significant but easily obtainable (approximately 50 cores)
computing power, impersonation attacks can be conducted on TLS-based web sites
and applications.

boblandstrom.com

@DataCenterBob
RUINED FOR ORDINARY...