CLO 2

Lecture#09
Cryptographic Hash Functions- MD5
Course: Cryptography & Network Security (CE-408)
Course Teacher: Ms. Rukaiya

Contact Info:

Room No: BS-02, CED / AS-09, ORIC

Email: [email protected]

1
 Introduction
• MD5 algorithm was developed by Professor Ronald L.
Rivest in 1991.
• According to RFC 1321, “MD5 message-digest algorithm
takes as input a message of arbitrary length and
produces as output a 128-bit "fingerprint" or "message
digest" of the input.
• The MD5 algorithm is intended for digital signature
applications, where a large file must be "compressed" in
a secure manner before being encrypted with a private
(secret) key under a public-key cryptosystem such as
RSA.”
• MD5 is being used heavily from large corporations, such
as IBM, Cisco Systems, to individual programmers.
 Introduction
• The MD5 hashing algorithm is a one-way
cryptographic function and used for authenticating the
original message.
• The MD5 hash function was originally designed for
use as a secure cryptographic hash algorithm for
authenticating digital signatures.
• But MD5 has been deprecated for uses other than as
a noncryptographic checksum to verify data integrity
and detect unintentional data corruption.
 MD5 Parameters
• Digest Length = 128 bit
• I/P Text = 512 bit
• Sub Block size = 32bit
• 512/32 = 16 total Sub blocks
• No. Of Rounds = 4
• Iteration per round=16 steps
• T[t] constant= constructed from sine function
• O/P-> four 32-bit blocks
MD5- Implementation Steps
• Step#01: Append padding bits

• The input message is "padded" (extended) so that its length (in bits)
equals to 448 mod 512. Padding is always performed, even if the length
of the message is already 448 mod 512.
Example:
Message = 1000 bits
if length < 448
448 – length = __________
if length > 448
960 – length = __________
• In this example length is greater than 448
960 – 1000 = -40 + 512 (or mod 512)
= 472
• The padding bits will be 472 in which 471 0’s will be leading after 1
MD5- Implementation Steps
• Padding is performed as follows: a single "1" bit is appended to
the message, and then "0" bits are appended so that the length in
bits of the padded message becomes congruent to 448 mod 512.
• At least one bit and at most 512 bits are appended.

100100110…….. 100000……..
Message length =1000 bits Padding bits =472 bits
MD5- Implementation Steps
• Step#02: Append length
• A 64-bit representation of the length of the message is
appended to the result of step1.
• If the length of the message is greater than 2^64, only the
low-order 64 bits will be used.

Use low order first the high order

• The resulting message (after padding with bits and with b)

has a length that is an exact multiple of 512 bits. The input
message will have a length that is an exact multiple of 16 (32-
bit) words.
100100110…….. 100000…….. ….......
1000 bits 472 bits 64 bits
Message Padded bits Add Length
(multiple of 512)
MD5- Implementation Steps
=1000 + 472 + 64
=1472 + 64
1536

100100110…….. 100000…….. ….......

1000 bits 472 bits 64 bits
Message Padded bits Add Length
(multiple of 512)

Step#02(a):
• Divide the input into 512- bit blocks
= 1536 /512
= 3 blocks (of 512 bits)

Data to be hashed (Digested) 1536 bits

512 bits 512 bits 512 bits

MD5- Implementation Steps
• Step#03: Initialize MD Buffer (Little Indian)
• A four-word buffer (A, B, C, D) is used to compute the
message digest.
• Each of A, B, C, D is a 32-bit register.
• These registers are initialized to the following values in
hexadecimal, low-order bytes first):

word A: 01 23 45 67
word B: 89 ab cd ef
word C: fe dc ba 98
word D: 76 54 32 10
 MD5- Implementation Steps
• Step#04: Process the message in 16-word Blocks

 Copy the 512-bit block into 16 sub-blocks for 4 rounds

One block of 512 bits

32 32 32 32 32
bits bits bits bits bits
 T[1,…,k] = constants
(constructed from sine
function)

X[i] = A word of 32 bits

from 512 bits
MD5- Implementation Steps
• Step#04: Process the message in 16-word Blocks
• Four compression functions will be defined such
that each function takes an input of three 32-bit
words and produces a 32-bit word output.

F (X, Y, Z) = XY or not (X) Z

G (X, Y, Z) = XZ or Y not (Z)
H (X, Y, Z) = X xor Y xor Z
I (X, Y, Z) = Y xor (X or not (Z))
MD5- Implementation Steps
Round 1

[abcd k s i] denote the operation a = b + ((a + F (b, c, d) + X [k] + T

[i]) <<< s).

• In the first round, the M inputs are added into the algorithm
sequentially, e.g. M0, M1, M2… M15.

• In the second round, the M inputs are added in the following order:

M1, M6, M11, M0, M5, M10, M15, M4, M9, M14, M3, M8, M13, M2, M7,
M12

• In the third round, the M inputs are added in this sequence:

M5, M8, M11, M14, M1, M4, M7, M10, M13, M0, M3, M6, M9, M12,
M15, M2

• In the fourth round, the M inputs are added in the following order:

M0, M7, M14, M5, M12, M3, M10, M1, M8, M15, M6, M13, M4, M11,
M2, M9
MD5- Implementation Steps
• The values for K are is derived from the formula: abs(sin(i+ 1))×232
MD5- Implementation Steps
• Each operation has a preset number of shifts, and the operations use
them in sequential order (e.g. S1, S2, S3, etc.). The S values are:

•
MD5- Implementation Steps
• After all the 512-bit blocks have been processed a 128-bit message
digest is produced, which is a function of all the bits of your message

• To produce the message digest just sum A, B, C and D and convert it

to hexadecimal.

• Reference Link (Example)

https://www.comparitech.com/blog/information-security/md5-
algorithm-with-examples/
SHA vs MD5
• Brute force attack is harder (160 vs 128 bits for MD5)
• not vulnerable to any known attacks (compared to
MD4/5)
• a little slower than MD5 (80 vs 64 steps)
• both designed as simple and compact
• optimised for big endian CPU's (SUN) vs MD5 for little
endian CPU’s (PC)