OESF Portables Forum
General Forums => General Discussion => Topic started by: MonkeyMuffins on November 30, 2004, 01:53:02 pm
-
Probably a stupid question, but what is the md5soms file and what is it used for? I cannot find anything on it.
-
An md5sum of file can be used to verify the integrity of the file. You can use them to see if a file has changed or when downloading files from the web you can check if the file is corrupt.
Hope this helps.
-
Thank you, it helps alot.
-
The md5sum algorithm is sometimes used to encrypt passwords on Unix systems. When you run any data through an md5sum program, it produces a 128 bit number. A 128 bit number can represent on the order of 4 billion times 4 billion times 4 billion times 4 billion different values. Given the end result of an md5sum computation, it can be very time-consuming to determine what the original data was that produced the output of the md5sum computation. So for the password system, the computer stores the md5sum of a password. When the user tries to log in again, only the correct password or some data that happens to compute to the same md5sum will match the md5sum result that was stored for the original password. Recently, though, I have read references to the research of some people who have found weaknesses in the md5sum algorithm, making it possible to tailor an input to get a desired output, but I do not know the details. This may make the md5sum less desirable for the purpose of storing encrypted passwords.
The md5sum algorithm is described in RFC 1321, which you can read at:
http://www.faqs.org/rfcs/rfc1321.html (http://www.faqs.org/rfcs/rfc1321.html)
The documentation is not very enlightening though. The md5sum process reads a lot like the hokey pokey:
Put your left foot in. Take your left foot out. Put your right foot in, and shake it all about .... Do the hokey pokey. That's what it's all about.
-
Thank you for the post. This helps.