16 MD5

MD5 is a widely used 128-bit cryptographic hash function designed by Ron Rivest in the early 1990s. It operates by padding the input message, appending the length, and then processing the message in 16-word blocks through four rounds using auxiliary functions to output the digest. The differences between MD4 and MD5 include adding a fourth round, unique additive constants in each step, changing one of the functions, promoting faster avalanching, changing the word access order, and optimizing distinct shift amounts.

Uploaded by

177 Sumit Rathor

Lecture-16

CS 703

Department of CSE/IT

MD5

MD5:- MD5 was the last in a succession of cryptographic hash functions
designed by Ron Rivest in the early 1990s.
It is a widely-used well-known 128-bit iterated hash function, used in various
applications including SSL/TLS, IPSec, and many other cryptographic protocols.
It is also commonly-used in implementations of time stamping mechanisms,
commitment schemes, and integrity-checking applications for online software,
distributed file systems, and random-number generation.

MD5 Algorithm Description


The following five steps are performed to compute the message digest of the
message.

Step 1. Append Padding Bits


The message is "padded" (extended) so that its length (in bits) is congruent to
448, modulo 512. That is, the message is extended so that it is just 64 bits shy of
being a multiple of 512 bits long. Padding is always performed, even if the length
of the message is already congruent to 448, modulo 512.

Padding is performed as follows: a single "1" bit is appended to the message, and
then "0" bits are appended so that the length in bits of the padded message
becomes congruent to 448 modulo 512. In all, at least one bit and at most 512 bits
are appended.

Step 2. Append Length

A 64-bit representation of b (the length of the message before the padding bits
were added) is appended to the result of the previous step. In the unlikely event
that b is greater than 2^64, then only the low-order 64 bits of b are used. (These
bits are appended as two 32-bit words and appended low-order word first in
accordance with the previous conventions.)

At this point the resulting message (after padding with bits and with b) has a
length that is an exact multiple of 512 bits. Equivalently, this message has a length
that is an exact multiple of 16 (32-bit) words. Let M[0 ... N-1] denote the words
of the resulting message, where N is a multiple of 16.

Step 3. Initialize MD Buffer


A four-word buffer (A,B,C,D) is used to compute the message digest. Here each
of A, B, C, D is a 32-bit register.
These registers are initialized to the following values (in hexadecimal, low-order
bytes first):

word A: 01 23 45 67

word B: 89 ab cd ef

word C: fe dc ba 98

word D: 76 54 32 10

Step 4. Process Message in 16-Word Blocks


We first define four auxiliary functions that each take as input three 32-bit words
and produce as output one 32-bit word.

F(X,Y,Z) = XY v not(X) Z
G(X,Y,Z) = XZ v Y not(Z)
H(X,Y,Z) = X xor Y xor Z
I(X,Y,Z) = Y xor (X v not(Z))

In each bit position F acts as a conditional: if X then Y else Z. (The function F
could have been defined using + instead of v since XY and not(X)Z will never
have 1's in the same bit position.) It is interesting to note that if the bits of X, Y,
and Z are independent and unbiased, then each bit of F(X,Y,Z) will be independent
and unbiased.

The functions G, H, and I are similar to the function F, in that they act in "bitwise
parallel" to produce their output from the bits of X, Y, and Z, in such a manner
that if the corresponding bits of X, Y, and Z are independent and unbiased, then
each bit of G(X,Y,Z), H(X,Y,Z), and I(X,Y,Z) will be independent and unbiased.
Note that the function H is the bit-wise "xor" or "parity" function of its inputs.

Step 5. Output

The message digest produced as output is A, B, C, D. That is, we begin with the
low-order byte of A, and end with the high-order byte of D.

Differences Between MD4 and MD5

The following are the differences between MD4 and MD5:


1. A fourth round has been added.
2. Each step now has a unique additive constant.
3. The function g in round 2 was changed from (XY v XZ v YZ) to (XZ v Y
not(Z)) to make g less symmetric.
4. Each step now adds in the result of the previous step. This promotes a faster
"avalanche effect".
5. The order in which input words are accessed in rounds 2 and 3 is changed, to
make these patterns less like each other.
6. The shift amounts in each round have been approximately optimized, to yield
a faster "avalanche effect." The shifts in different rounds are distinct.
