MD5 is a secure hash algorithm. It takes a string as input, and produces a 128-bit number, the hash. The same string always produces the same hash, but given a hash, it is not generally possible to determine the original string. Secure hash algorithms are useful for protecting passwords and ensuring data integrity.

This site has a JavaScript implementation of MD5, and some other secure hash algorithms. This allows web sites to perform simple cryptography on clients, enabling some useful applications:

Protecting Passwords

Without protection, passwords are vulnerable to network sniffing. An attacker could be monitoring an open wireless access point, or using a tool like tcpdump on an ethernet network. JavaScript MD5 provides basic protection of passwords, for sites that do not use SSL. more...

Generating Passwords

Most people have accounts on many different web sites. It isn't possible to remember so many passwords, so most people use the same password everywhere. If one web site suffers a security breach, or has a malicious operator, all your online accounts are at risk. Password generators help solve this problem. more...

Self-Decrypting Pages

Internet email messages are vulnerable to interception and generally considered unsuitable for confidential communication. A self-decrypting page is unreadable until the correct password is entered. Pages can be attached to emails to support confidential communication. more...

Demonstration

hex_md5("message digest") = "f96b697d7cb7938d525a2f31aaf161d0"hex_sha1("160-bit hash") = "90d925d853c3d35cd54070bb75280fefad9de9e7"

More Information

Scripts

Download the scripts, see information about their history and future plans, and links to other resources. more...

Instructions

How to use the scripts to calculate hashes. more...

Protecting Passwords

How to build a web login system that protects passwords with JavaScript MD5. more...

Advanced Authentication

More ideas for protecting passwords, to cope with some of the limitations of the basic system. more...

Other Uses

The scripts have uses besides protecting passwords. more...

Browser Test

The list of browsers and versions on which the script is known to work correctly. more...

Algorithm Information

MD5	Source	Specification
RIPEMD-160	Source	Specification
SHA-1	Source	Specification
SHA-256	Source	Specification
SHA-512	Source	Specification
HMAC		Specification

Collision Weakness

In 2004, a cryptographic weakness was discovered in both the MD5 and SHA-1 algorithms. One of the design goals of secure hash algorithms is "collision resistance". In others words, someone can't find two strings that hash to the same value. Because MD5 is 128-bit, by random chance you will find a collision by producing 2⁶⁴ hashes. The weakness in MD5 is that a way has been found to produce such collisions with only 2⁴² hashes. This makes producing collisions practical and I have seen an example of 100 different collisions.

Most uses of JavaScript hashing (e.g. protecting passwords) do not rely on the collision resistance property. These weaknesses do not create any vulnerability in such web sites. I recommend continuing to use these algorithms for JavaScript hashing.

Users of the Script

• Yahoo used it for non-SSL logins, around 2001 - 2006.
• 
  Guardian Unlimited use it for registered user login.
• 
  Paradigm Healthcare use it for admin logins. One of their engineers contributed a bug fix to the base-64 routines.
• The
  
  Captchas project.
• 
  vBulletin
• 
  netjukebox. The
  
  live demo uses the alternative login system.

© 1998 - 2009

Paul Johnston, distributed under the BSD License   Updated:13 Jul 2009