Hi!
Has anyone ever used md5 encryption.
I'd greatly appreciate it if anyone could give me a link to tutorials etc.
Thanx
MD5 encryption
-
wit_skapie
- Moderator Emeritus
- Posts: 6866
- Joined: 12 Dec 2003, 02:00
- Location: JHB
- Contact:
MD5 is an algorithm which creates a digital fingerprint called the hash-value - it's used mainly for checking the integrity of data. If anyone changes even a single binary digit in that data, the hash-value will be completely changed. They can't be reverse-engineered, either - you can't work backwards from a hash and work out the value before hashing occurred - it's a one-way function.
However, because the MD5 algorithm is well-known, hash-values (when used for encrypted passwords) can be compared by to the plaintext precursor to a known hash-value (typically by means of dictionary and brute-force attacks) - if a match in hash-values is made, the password is obviously cracked.
MD5 was developed by Ron Rivest (the "R" in RSA Security, a well-known cryptography company) as a replacement for the flawed MD4.
However, because the MD5 algorithm is well-known, hash-values (when used for encrypted passwords) can be compared by to the plaintext precursor to a known hash-value (typically by means of dictionary and brute-force attacks) - if a match in hash-values is made, the password is obviously cracked.
MD5 was developed by Ron Rivest (the "R" in RSA Security, a well-known cryptography company) as a replacement for the flawed MD4.
As an interesting aside, it is also technically possible to craft a file _nothing_ like the original, but still posessing the same MD5 hash. Useful only if you want to maliciously replace someone's useful program with a trojan. And anyway, there are easier ways (like 'click here for free porn!!' buttons)
I thought what I'd do was, I'd pretend I was one of those deaf-mutes.
MD5
Hey peeps... i'm busy writing a payment module that links the joomla CMS with paygate for CC authorisations... (as they dont have one)
anyway i get everything right except the MD5 value...
do i have it the wrong way around? cos they are telling me with these test values they are not getting the 26424842624 <number but the actual text...
where i have md5($secret) should i have md5($final_line) and remove the $checksum @ the end of the finalline string and put the MD5key 'secret' there?
Thanks for any pointers... i'm a tad lost...
-buddha
anyway i get everything right except the MD5 value...
Code: Select all
// Create MD5 Hash key...
$secret = "secret";
$checksum = md5($secret);
// Required string
$final_line = "10011013800|$order_id|$order_total|$vendor_currency|www.xxxxx.co.za/index.php?page=account.order_details&order_id=$ordernumber&option=com_virtuemart&Itemid=1|$date|" . $checksum;
where i have md5($secret) should i have md5($final_line) and remove the $checksum @ the end of the finalline string and put the MD5key 'secret' there?
Thanks for any pointers... i'm a tad lost...
-buddha
never mind... worked it out
-buddha
Code: Select all
// Create MD5 Hash key...
$secret = "secret";
// Required URL
$final_line = "10011013800|$order_id|$order_total|$vendor_currency|www.xxxxxx.co.za/index.php?page=account.order_details&order_id=$ordernumber&option=com_virtuemart&Itemid=1|$date|" . $secret;
$checksum = md5($final_line);