是否可以解密md5哈希？ [英] Is it possible to decrypt md5 hashes?

问题描述

有人告诉我，他已经看到可以接受MD5加密密码的软件系统（通过与其他系统的各种集成）解密，并使用自己的算法将它们存储在系统自己的数据库中。

可以吗？我认为解密MD5哈希是不可能的（可行的）。

我知道有MD5字典，但是是否有实际的解密算法？

解决方案

否。 MD5不是加密（虽然它可能被用作某些加密算法的一部分），但它是一种单向的方式哈希函数。作为转型的一部分，大部分原始数据实际上是丢失的。

想想一下：MD5总是128位长。这意味着有可能的MD5散列有2个 ¹²⁸ 。这是一个相当大的数量，但它绝对是有限的。然而，给定的散列函数可以输入无数个可能的输入（并且它们大多数包含超过128位，或者是16字节）。因此，实际上对于将散列到相同值的数据来说，实际上是无限数量的可能性。使散列有趣的事情是，找到两个散列到相同值的数据是非常困难的，事故发生的几率几乎为0。

一个简单的例子（非常不安全的）散列函数（这说明它是单向的一般想法）将是采取一个数据的所有位，并将其视为一个大数字。接下来，使用一些大（可能是素数）数字 n 执行整数除法，并取余数（参见：模量）。您将留下0到 n 之间的一些数字。如果您要再次执行相同的计算（任何时间，任何计算机上，任何地方），使用完全相同的字符串，它将得到相同的值。然而，没有办法找出原始价值是什么，因为有一个无限数量的数字具有确切的余数，除以 n 。

那就是说，MD5被发现有一些缺点，这样有了一些复杂的数学，可能会发现一个冲突，而不用尝试2 ¹²⁸ 可能的输入字符串。而且大多数密码很短，而且人们经常使用常用值（例如密码或秘密）意味着在某些情况下，您可以通过Google搜索某个密码对哈希进行相当好的猜测，或使用<一个href =http://en.wikipedia.org/wiki/Rainbow_table =noreferrer>彩虹表。这就是为什么你应该总是 salt 加密密码的原因之一，以便两个相同的值，当散列，不会哈希到相同的值。

一旦一个数据已经通过散列函数运行，没有回退。 p>

Someone told me that he has seen software systems that would accept MD5 encrypted passwords (through various integrations with other systems), decrypt them, and store them in the systems own database using its own algorithm.

Is that possible? I thought that it wasn't possible (feasible) to decrypt MD5 hashes.

I know there are MD5 dictionaries, but is there an actual decryption algorithm?

解决方案

No. MD5 is not encryption (though it may be used as part of some encryption algorithms), it is a one way hash function. Much of the original data is actually "lost" as part of the transformation.

Think about this: An MD5 is always 128 bits long. That means that there are 2¹²⁸ possible MD5 hashes. That is a reasonably large number, and yet it is most definitely finite. And yet, there are an infinite number of possible inputs to a given hash function (and most of them contain more than 128 bits, or a measly 16 bytes). So there are actually an infinite number of possibilities for data that would hash to the same value. The thing that makes hashes interesting is that it is incredibly difficult to find two pieces of data that hash to the same value, and the chances of it happening by accident are almost 0.

A simple example for a (very insecure) hash function (and this illustrates the general idea of it being one-way) would be to take all of the bits of a piece of data, and treat it as a large number. Next, perform integer division using some large (probably prime) number n and take the remainder (see: Modulus). You will be left with some number between 0 and n. If you were to perform the same calculation again (any time, on any computer, anywhere), using the exact same string, it will come up with the same value. And yet, there is no way to find out what the original value was, since there are an infinite number of numbers that have that exact remainder, when divided by n.

That said, MD5 has been found to have some weaknesses, such that with some complex mathematics, it may be possible to find a collision without trying out 2¹²⁸ possible input strings. And the fact that most passwords are short, and people often use common values (like "password" or "secret") means that in some cases, you can make a reasonably good guess at someone's password by Googling for the hash or using a Rainbow table. That is one reason why you should always "salt" hashed passwords, so that two identical values, when hashed, will not hash to the same value.

Once a piece of data has been run through a hash function, there is no going back.

这篇关于是否可以解密md5哈希？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！