← Back to Blog
Security2026-03-18 · 8 min read

What is MD5? A Deep Dive into the MD5 Hashing Algorithm and Its Security

MD5 (Message-Digest Algorithm 5) is a widely used cryptographic hash function producing a 128-bit (32 hex character) hash. This article explains how MD5 works, its common uses, and its security limitations.

# MD5# 哈希# 加密# 信息安全

MD5 Overview

MD5 (Message-Digest Algorithm 5) was designed by Ronald Rivest at MIT in 1991. It accepts any-length input and outputs a fixed 128-bit (16-byte / 32 hex character) hash — often called a "message digest" or "digital fingerprint".

Core Properties

1. Determinism: Same input → same output. admin always hashes to 21232f297a57a5a743894a0e4a801fc3. 2. Avalanche Effect: A tiny change in input causes a dramatically different output. 3. One-way: Computationally infeasible to reverse a hash to the original input. 4. Fixed length: Always 32 hex characters, regardless of input size.

How MD5 Works

1. Padding: Pad the message to length ≡ 448 (mod 512)

2. Append length: Add a 64-bit representation of the original message length

3. Initialise buffer: Four 32-bit registers (A, B, C, D)

4. Process blocks: 512-bit blocks, 4 rounds × 16 steps = 64 steps total

5. Output: Final 128-bit hash

Common Use Cases

File Integrity Verification

The safest modern use. Publishers post MD5 checksums; users verify their download:

``bash

# Linux

md5sum ubuntu-22.04.iso

# macOS

md5 ubuntu-22.04.iso

``

Password Storage (historical — avoid today)

Early sites stored MD5 hashes instead of plaintext passwords.

⚠️ Do not use MD5 alone for passwords today. Rainbow table and dictionary attacks crack simple passwords in milliseconds.

Use BCrypt, Argon2, or PBKDF2 — purpose-built password hashing with salting and adjustable cost.

Deduplication and Fast Comparison

Quickly determine whether two data sets are identical — useful for file deduplication and cache validation.

Security Status

Collision Attack (2004): Prof. Wang Xiaoyun's team found an efficient algorithm to construct two different inputs with the same MD5 hash — breaking collision resistance. Rainbow Table Attack: Precomputed tables allow instant lookup from hash to original for common passwords. Verdict:
  • ✅ Still fine for: file integrity checks, non-security fingerprinting, unique IDs
  • ❌ Avoid for: password storage, digital signatures, any security-critical use
Use SHA-256 or SHA-3 for security-sensitive scenarios.

Online MD5 Tool

Need a quick hash? Our Online MD5 Tool generates 32-bit and 16-bit MD5, supports uppercase, and runs entirely in your browser.

W

woshiit 技术团队

woshiit AI Navigation · Original Content

More Articles

Tech Sharing

SBTI Personality Test: A 15-Dimension Character Analysis Beyond MBTI

12 min

AI Tools

NüWa.skill: Distilling the Minds of Legends — Deep Conversations with Jobs & Musk via AI

8 min

Tech Basics

What is Base64 Encoding? Principles, Use Cases & Online Converter

7 min

Tech Basics

The Complete Guide to URL Encoding: Why Chinese Characters Become %E4%B8%AD

6 min