MD5 encryption

Get help on web editors (Frontpage, Dreamweaver) and web languages (HTML, ASP, PHP).
Post Reply
ckritntt
Registered User
Posts: 28
Joined: 04 Jun 2004, 02:00

MD5 encryption

Post by ckritntt »

Hi!
Has anyone ever used md5 encryption.
I'd greatly appreciate it if anyone could give me a link to tutorials etc.
Thanx
wit_skapie
Moderator Emeritus
Posts: 6866
Joined: 12 Dec 2003, 02:00
Location: JHB
Contact:

Post by wit_skapie »

Well how do you want to use it? Remember that MD5 is not an encryption algorithm - it's a hashing algorithm.
So why not start by saying what you want to achieve with encryption - then i'll give you some help :D
Thrall
Moderator Emeritus
Posts: 3687
Joined: 30 Apr 2003, 02:00
Location: Texas, USA

Post by Thrall »

MD5 is an algorithm which creates a digital fingerprint called the hash-value - it's used mainly for checking the integrity of data. If anyone changes even a single binary digit in that data, the hash-value will be completely changed. They can't be reverse-engineered, either - you can't work backwards from a hash and work out the value before hashing occurred - it's a one-way function.

However, because the MD5 algorithm is well-known, hash-values (when used for encrypted passwords) can be compared by to the plaintext precursor to a known hash-value (typically by means of dictionary and brute-force attacks) - if a match in hash-values is made, the password is obviously cracked.

MD5 was developed by Ron Rivest (the "R" in RSA Security, a well-known cryptography company) as a replacement for the flawed MD4.
Be polite, professional and have a plan to kill everyone you meet.

My Iraq pics
Synkronos
Moderator Emeritus
Posts: 1914
Joined: 13 Mar 2003, 02:00
Location: Cape Town
Contact:

Post by Synkronos »

As an interesting aside, it is also technically possible to craft a file _nothing_ like the original, but still posessing the same MD5 hash. Useful only if you want to maliciously replace someone's useful program with a trojan. And anyway, there are easier ways (like 'click here for free porn!!' buttons)
I thought what I'd do was, I'd pretend I was one of those deaf-mutes.
Buddha
Registered User
Posts: 62
Joined: 02 Nov 2004, 02:00

MD5

Post by Buddha »

Hey peeps... i'm busy writing a payment module that links the joomla CMS with paygate for CC authorisations... (as they dont have one)

anyway i get everything right except the MD5 value...

Code: Select all

// Create MD5 Hash key...
$secret   = "secret";
$checksum = md5($secret);

// Required string
$final_line = "10011013800|$order_id|$order_total|$vendor_currency|www.xxxxx.co.za/index.php?page=account.order_details&order_id=$ordernumber&option=com_virtuemart&Itemid=1|$date|" . $checksum;
do i have it the wrong way around? cos they are telling me with these test values they are not getting the 26424842624 <number but the actual text...
where i have md5($secret) should i have md5($final_line) and remove the $checksum @ the end of the finalline string and put the MD5key 'secret' there?

Thanks for any pointers... i'm a tad lost... ;)

-buddha
Buddha
Registered User
Posts: 62
Joined: 02 Nov 2004, 02:00

Post by Buddha »

never mind... worked it out ;)

Code: Select all

// Create MD5 Hash key...
$secret   = "secret";

// Required URL
$final_line = "10011013800|$order_id|$order_total|$vendor_currency|www.xxxxxx.co.za/index.php?page=account.order_details&order_id=$ordernumber&option=com_virtuemart&Itemid=1|$date|" . $secret;
$checksum = md5($final_line);
-buddha
Post Reply