是否可以解密 MD5 哈希? [英] Is it possible to decrypt MD5 hashes?

问题描述

有人告诉我，他看到过以下软件系统:

Someone told me that he has seen software systems that:

1. 从其他系统中检索 MD5 加密密码；
2. 解密加密的密码和
3. 使用系统自己的算法将密码存储在系统的数据库中.

这可能吗?我认为解密 MD5 哈希是不可能/不可行的.

Is that possible? I thought that it wasn't possible / feasible to decrypt MD5 hashes.

我知道有 MD5 字典，但有实际的解密算法吗?

I know there are MD5 dictionaries, but is there an actual decryption algorithm?

推荐答案

没有.MD5 不是加密(尽管它可能被用作某些加密算法的一部分)，它是一种方式哈希函数.许多原始数据实际上作为转换的一部分丢失"了.

No. MD5 is not encryption (though it may be used as part of some encryption algorithms), it is a one way hash function. Much of the original data is actually "lost" as part of the transformation.

想一想:MD5 的长度总是 128 位.这意味着有 2¹²⁸ 个可能的 MD5 哈希值.这是一个相当大的数字，但它绝对是有限的.然而，给定的哈希函数有无数可能的输入(其中大多数包含超过 128 位，或者只有 16 个字节).因此，对于散列为相同值的数据，实际上有无数种可能性.使散列变得有趣的是，要找到散列为相同值的两条数据非常困难，而且偶然发生的几率几乎为 0.

Think about this: An MD5 is always 128 bits long. That means that there are 2¹²⁸ possible MD5 hashes. That is a reasonably large number, and yet it is most definitely finite. And yet, there are an infinite number of possible inputs to a given hash function (and most of them contain more than 128 bits, or a measly 16 bytes). So there are actually an infinite number of possibilities for data that would hash to the same value. The thing that makes hashes interesting is that it is incredibly difficult to find two pieces of data that hash to the same value, and the chances of it happening by accident are almost 0.

(非常不安全的)散列函数的一个简单示例(这说明了它是单向的一般思想)是获取一段数据的所有位，并将其视为一个大数.接下来，使用一些大(可能是质数)数 n 执行整数除法并取余数(请参阅:模量).你会得到一些介于 0 和 n 之间的数字.如果您要再次执行相同的计算(任何时间、任何计算机、任何地方)，使用完全相同的字符串，它将得出相同的值.然而，没有办法找出原始值是多少，因为当除以 n 时，有无数个具有精确余数的数字.

A simple example for a (very insecure) hash function (and this illustrates the general idea of it being one-way) would be to take all of the bits of a piece of data, and treat it as a large number. Next, perform integer division using some large (probably prime) number n and take the remainder (see: Modulus). You will be left with some number between 0 and n. If you were to perform the same calculation again (any time, on any computer, anywhere), using the exact same string, it will come up with the same value. And yet, there is no way to find out what the original value was, since there are an infinite number of numbers that have that exact remainder, when divided by n.

也就是说，已经发现 MD5 有一些弱点，例如通过一些复杂的数学运算，可以在不尝试 2¹²⁸ 个可能的输入字符串的情况下找到碰撞.大多数密码都很短，而且人们经常使用常见值(如密码"或秘密")这一事实意味着在某些情况下，您可以通过谷歌搜索哈希值或使用 彩虹表.这就是为什么你应该总是salt"散列密码的原因之一，这样两个相同的值，当散列时，不会散列到相同的值.

That said, MD5 has been found to have some weaknesses, such that with some complex mathematics, it may be possible to find a collision without trying out 2¹²⁸ possible input strings. And the fact that most passwords are short, and people often use common values (like "password" or "secret") means that in some cases, you can make a reasonably good guess at someone's password by Googling for the hash or using a Rainbow table. That is one reason why you should always "salt" hashed passwords, so that two identical values, when hashed, will not hash to the same value.

一旦一条数据通过哈希函数，就没有回头路了.

Once a piece of data has been run through a hash function, there is no going back.

这篇关于是否可以解密 MD5 哈希?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！