<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head><meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type"><title>Paj's Home: Cryptography: JavaScript MD5</title><meta content="java, script, javascript, MD5, MD4, SHA, SHA-1, secure, hash, algorithm, digital, signature, password, protection" name="keywords"><meta content="I provide free JavaScript implementations of these secure hash algorithms. Their most common applications is for improving security on web login forms." name="description"><link href="../../styles/common.css" rel="stylesheet"><link href="../../styles/blue-white.css" rel="stylesheet"></head><body><ul id="nav"><li><a href="/index.html">Paj's Home</a>: &nbsp; <ul><li><a href="/aboutme/index.html">About Me</a><br></li><li><a href="/crypt/index.html">Cryptography</a><br></li><li><a href="/security/index.html">Security</a><br></li><li><a href="/progs/index.html">Programming</a><br></li><li><a href="/web/index.html">Web Applications</a><br></li></ul></li><li><a href="/crypt/index.html">Cryptography</a>: &nbsp; <ul><li><a href="/crypt/rsa/index.html">RSA</a><br></li><li><a href="/crypt/md5/index.html">JavaScript MD5</a><br></li><li><a href="/crypt/vigenere.html">Vigenere Cipher</a><br></li><li><a href="/crypt/wordpat.html">Word Patterns</a><br></li></ul></li><li><a href="/crypt/md5/index.html">JavaScript MD5</a> &nbsp; <ul><li><a href="/crypt/md5/scripts.html">Scripts</a><br></li><li><a href="/crypt/md5/instructions.html">Instructions</a><br></li><li><a href="/crypt/md5/auth.html">Protecting Passwords</a><br></li><li><a href="/crypt/md5/advancedauth.html">Advanced Authentication</a><br></li><li><a href="/crypt/md5/uses.html">Other Uses</a><br></li><li><a href="/crypt/md5/browsertest.html">Browser Test</a><br></li></ul></li></ul><script type="text/javascript"> if (/MSIE (\d+\.\d+);/.test(navigator.userAgent)){ if(new Number(RegExp.$1) < 8) { var sfEls = document.getElementById("nav").getElementsByTagName("LI"); for(var i=0; i < sfEls.length; i++) { sfEls[i].onmouseover=function() { this.className+=" sfhover"; } sfEls[i].onmouseout=function() { this.className=this.className.replace(new RegExp(" sfhover"), ""); } } var nav = document.getElementById("nav"); for(var tnode = nav.firstChild; tnode; tnode = tnode.nextSibling) { popup = tnode.getElementsByTagName("UL"); if(popup.length == 0) break; popup = popup[0]; var posX = 0; var posY = 0; var node = tnode; while(node != null){ posX += node.offsetLeft; posY += node.offsetTop; node = node.offsetParent; } popup.style.top = posY + 18; popup.style.left = posX - 40; } } } </script><div class="clearit"></div><table style="width:100%; border-collapse: collapse"><tr><td style="width:170px"><a href="../../site/logos.html"><img src="../../logos/crypto.jpg" alt="" height="213" style="border:none" width="160"></a><p style="text-align:center"></p> <p style="text-align:center"><script type="text/javascript"> google_ad_client = "pub-3545889579815990"; google_ad_width = 120; google_ad_height = 240; google_ad_format = "120x240_as"; google_ad_channel =""; </script><script src="http://pagead2.googlesyndication.com/pagead/show_ads.js" type="text/javascript"></script></p></td><td><div style="text-align:center"><img src="JavaScript_MD5.png" alt="JavaScript MD5" height="77" width="399"></div> <p>MD5 is a secure hash algorithm. It takes a string as input, and produces a 128-bit number, the hash. The same string always produces the same hash, but given a hash, it is not generally possible to determine the original string. Secure hash algorithms are useful for protecting passwords and ensuring data integrity. </p> <p>This site has a JavaScript implementation of MD5, and some other secure hash algorithms. This allows web sites to perform simple cryptography on clients, enabling some useful applications:</p> <dl> <dt>Protecting Passwords</dt> <dd>Without protection, passwords are vulnerable to network sniffing. An attacker could be monitoring an open wireless access point, or using a tool like tcpdump on an ethernet network. JavaScript MD5 provides basic protection of passwords, for sites that do not use SSL. <a href="auth.html">more...</a></dd> <dt>Generating Passwords</dt> <dd>Most people have accounts on many different web sites. It isn't possible to remember so many passwords, so most people use the same password everywhere. If one web site suffers a security breach, or has a malicious operator, all your online accounts are at risk. Password generators help solve this problem. <a href="uses.html#passgen">more...</a></dd> <dt>Self-Decrypting Pages</dt> <dd>Internet email messages are vulnerable to interception and generally considered unsuitable for confidential communication. A self-decrypting page is unreadable until the correct password is entered. Pages can be attached to emails to support confidential communication. <a href="uses.html#sdp">more...</a></dd> </dl> <h2>Demonstration</h2> <script src="2.2/md5-min.js" type="text/javascript"></script> <script src="2.2/sha1-min.js" type="text/javascript"></script> <div class="indented"> <table> <tr><th>Input</th><td><input type="text" id="input" size="40"></td></tr> <tr><th>Calculate</th> <td style="text-align:center"> <input type="button" onclick="document.getElementById('hash').value = hex_md5(document.getElementById('input').value)" value="MD5"> <input type="button" onclick="document.getElementById('hash').value = hex_sha1(document.getElementById('input').value)" value="SHA-1"></td></tr> <tr><th>Result</th><td><input type="text" id="hash" size="40"></td></tr> </table> <div class="source"><pre><span class="nx">hex_md5</span><span class="p">(</span><span class="s2">&quot;message digest&quot;</span><span class="p">)</span> <span class="o">=</span> <span class="s2">&quot;f96b697d7cb7938d525a2f31aaf161d0&quot;</span> <span class="nx">hex_sha1</span><span class="p">(</span><span class="s2">&quot;160-bit hash&quot;</span><span class="p">)</span> <span class="o">=</span> <span class="s2">&quot;90d925d853c3d35cd54070bb75280fefad9de9e7&quot;</span> </pre></div> </div> <h2>More Information</h2> <dl> <dt>Scripts</dt> <dd>Download the scripts, see information about their history and future plans, and links to other resources.&nbsp;<a href="scripts.html">more...</a></dd> <dt>Instructions</dt> <dd>How to use the scripts to calculate hashes.&nbsp;<a href="instructions.html">more...</a></dd> <dt>Protecting Passwords</dt> <dd>How to build a web login system that protects passwords with JavaScript MD5.&nbsp;<a href="auth.html">more...</a></dd> <dt>Advanced Authentication</dt> <dd>More ideas for protecting passwords, to cope with some of the limitations of the basic system.&nbsp;<a href="advancedauth.html">more...</a></dd> <dt>Other Uses</dt> <dd>The scripts have uses besides protecting passwords.&nbsp;<a href="uses.html">more...</a></dd> <dt>Browser Test</dt> <dd>The list of browsers and versions on which the script is known to work correctly.&nbsp;<a href="browsertest.html">more...</a></dd> </dl> <h2>Algorithm Information</h2> <table class="hgap"> <tr><th>MD5</th><td><a href="md5.html">Source</a></td><td><img src="../../logos/elink.png" alt="" height="16" style="border:none" width="16"><a href="http://www.ietf.org/rfc/rfc1321.txt">Specification</a></td></tr> <tr><th>RIPEMD-160</th><td><a href="ripemd160.html">Source</a></td><td><img src="../../logos/elink.png" alt="" height="16" style="border:none" width="16"><a href="http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html">Specification</a></td></tr> <tr><th>SHA-1</th><td><a href="sha1.html">Source</a></td><td><img src="../../logos/elink.png" alt="" height="16" style="border:none" width="16"><a href="http://www.itl.nist.gov/fipspubs/fip180-1.htm">Specification</a></td></tr> <tr><th>SHA-256</th><td><a href="sha256.html">Source</a></td><td><img src="../../logos/elink.png" alt="" height="16" style="border:none" width="16"><a href="http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf">Specification</a></td></tr> <tr><th>SHA-512</th><td><a href="sha512.html">Source</a></td><td><img src="../../logos/elink.png" alt="" height="16" style="border:none" width="16"><a href="http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf">Specification</a></td></tr> <tr><th>HMAC</th><td></td><td><img src="../../logos/elink.png" alt="" height="16" style="border:none" width="16"><a href="http://www.ietf.org/rfc/rfc2104.txt">Specification</a></td></tr> </table> <h2>Collision Weakness</h2> <p>In 2004, a cryptographic weakness was discovered in both the MD5 and SHA-1 algorithms. One of the design goals of secure hash algorithms is "collision resistance". In others words, someone can't find two strings that hash to the same value. Because MD5 is 128-bit, by random chance you will find a collision by producing 2⁶⁴ hashes. The weakness in MD5 is that a way has been found to produce such collisions with only 2⁴² hashes, which makes producing collisions practical. In 2008 a paper was released demonstrating a collision attack that produced a false certificate authority - allowing impersonation of any SSL site on the internet. <img src="../../logos/elink.png" alt="" height="16" style="border:none" width="16"><a href="http://www.win.tue.nl/hashclash/rogue-ca/">more...</a></p> <p>While it is imperitive for ceritifcate authorities to stop issuing MD5 certificates, most uses of JavaScript hashing (e.g. protecting passwords) do not rely on the collision resistance property. These weaknesses do not create a vulnerability in such web sites. It is acceptable to continue using MD5 for such puposes, although I recommend that new sites use SHA-256 or stronger.</p> <h2>Users of the Script</h2> <ul> <li>Yahoo used it for non-SSL logins, around 2001 - 2006.</li> <li>Verizon wireless routers use it for admin logins.</li> <li><img src="../../logos/elink.png" alt="" height="16" style="border:none" width="16"><a href="http://users.guardian.co.uk/signin/0,12930,-1,00.html">Guardian Unlimited</a> use it for registered user login.</li> <li><img src="../../logos/elink.png" alt="" height="16" style="border:none" width="16"><a href="http://paradigm-healthcare.com/">Paradigm Healthcare</a> use it for admin logins. One of their engineers contributed a bug fix to the base-64 routines.</li> <li>The <img src="../../logos/elink.png" alt="" height="16" style="border:none" width="16"><a href="http://captchas.net/">Captchas</a> project.</li> <li><img src="../../logos/elink.png" alt="" height="16" style="border:none" width="16"><a href="http://www.vbulletin.com/">vBulletin</a></li> <li><img src="../../logos/elink.png" alt="" height="16" style="border:none" width="16"><a href="http://www.netjukebox.nl/">netjukebox</a>. The <img src="../../logos/elink.png" alt="" height="16" style="border:none" width="16"><a href="http://live.netjukebox.nl/">live demo</a> uses the <a href="advancedauth.html#alternative">alternative login system</a>.</li> </ul> <table class="hr"><tr><td></td></tr></table><div style="margin-top:0.5em;">&copy; 1998 - 2012 <img src="../../logos/email.png" style="border:none" height="16" alt="" width="16"><a href="mailto:paj@pajhome.org.uk">Paul Johnston</a>, distributed under the <a href="../../site/legal.html#bsdlicense">BSD License</a> &nbsp; <b>Updated:</b>16 May 2011</div></td></tr></table></body></html>