Software & Apps > Windows 46 46 people found this article helpful What Is MD5? (MD5 Message-Digest Algorithm) Definition of MD5 and its history and vulnerabilities By Tim Fisher Tim Fisher Facebook Twitter Senior Vice President & Group General Manager, Tech & Sustainability Emporia State University Tim Fisher has more than 30 years' of professional technology experience. He's been writing about tech for more than two decades and serves as the SVP and General Manager of Lifewire. lifewire's editorial guidelines Updated on February 20, 2023 Tweet Share Email Tweet Share Email In This Article Expand Jump to a Section MD5 Generators History & Vulnerabilities More Information MD5 (technically called MD5 Message-Digest Algorithm) is a cryptographic hash function whose main purpose is to verify that a file has been unaltered. Instead of confirming two sets of data are identical by comparing the raw data, MD5 does this by producing a checksum on both sets and then comparing the checksums to verify they're the same. MD5 has certain flaws, so it isn't useful for advanced encryption applications, but it's perfectly acceptable for standard file verifications. Using an MD5 Checker or MD5 Generator Microsoft File Checksum Integrity Verifier (FCIV) is one free calculator that can generate the MD5 checksum from actual files and not just text. This online MD5 file checksum works, too. How to Verify File Integrity in Windows With FCIV One easy way to get the MD5 hash of a string of letters, numbers, and symbols is with the Miracle Salad MD5 Hash Generator tool. Plenty of others exist as well, like MD5 Hash Generator and PasswordsGenerator. When the same hash algorithm is used, the same results are produced. This means you can use one MD5 calculator to get the MD5 checksum of some particular text and then use a totally different MD5 calculator to get the exact same results. This can be repeated with every tool that generates a checksum based on this hash function. How to Validate the MD5 Checksum of a File History and Vulnerabilities of MD5 MD5 was invented by Ronald Rivest, but it's only one of his three algorithms. The first hash function he developed was MD2 in 1989, which was built for 8-bit computers. Although it's still in use, MD2 isn't intended for applications that need a high level of security, since it was shown to be vulnerable to various attacks. MD2 was then replaced by MD4 in 1990. MD4 was made for 32-bit machines and was a lot faster than MD2, but was also shown to have weaknesses and is now considered obsolete by the Internet Engineering Task Force. MD5 was released in 1992 and was also built for 32-bit machines. It isn't as fast as MD4 but it is considered to be more secure than the previous MDx implementations. Although MD5 is more secure than MD2 and MD4, other cryptographic hash functions, like SHA-1, have been suggested as an alternative, since MD5 has also been shown to have security flaws. Carnegie Mellon University Software Engineering Institute has this to say about MD5: Software developers, Certification Authorities, website owners, and users should avoid using the MD5 algorithm in any capacity. As previous research has demonstrated, it should be considered cryptographically broken and unsuitable for further use. MD6 has been suggested to the National Institute of Standards and Technology as an alternative to SHA-3. You can read more about this proposal here. More Information on the MD5 Hash MD5 hashes are 128-bits in length and are normally shown in their 32-digit hexadecimal value equivalent. This is true no matter how large or small the file or text may be. Here's an example: Plain text: This is a test.Hex value: 120EA8A25E5D487BF68B5F7096440019 When more text is added, the hash translates to a totally different value but with the same number of characters: Plain text: This is a test to show how the length of the text does not matter.Hex value: 6c16fcac44da359e1c3d81f19181735b In fact, even a string with zero characters has a hex value of d41d8cd98f00b204e9800998ecf8427e, and using even one period makes this value: 5058f1af8388633f609cadb75a75dc9d. Following are a few more examples: Checksum Plain Text bb692e73803524a80da783c63c966d3c Lifewire is a technology website. 64adbfc806c120ecf260f4b90378776a ...!... 577894a14badf569482346d3eb5d1fbc Bangladesh is a South Asian country. 42b293af7e0203db5f85b2a94326aa56 100+2=102 08206e04e240edb96b7b6066ee1087af supercalifragilisticexpialidocious MD5 checksums are built to be non-reversible, meaning you can't look at the checksum and identify the original inputted data. Consider the following: a = 0cc175b9c0f1b6a831c399e269772661 p = 83878c91171338902e0fe0fb97a8c47a However, combining the two, to make ap, produces a totally different and unrelated checksum, which can't be pulled apart to reveal either letter: ap = 62c428533830d84fd8bc77bf402512fc With that being said, there are plenty of MD5 "decrypters" that are advertised as being able to decrypt an MD5 value. However, what's really happening with a decryptor, or "MD5 reverse converter," is that they create the checksum for lots of values and then let you look up your checksum in their database to see if they have a match that can show you the original data. MD5Decrypt is a free online tool that serves as an MD5 reverse lookup, but it only works for common words and phrases. Was this page helpful? Thanks for letting us know! Get the Latest Tech News Delivered Every Day Subscribe Tell us why! Other Not enough details Hard to understand Submit Newsletter Sign Up Newsletter Sign Up Newsletter Sign Up Newsletter Sign Up By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. Cookies Settings Accept All Cookies