Score:0

How does blueimp JavaScript-MD5 work?


I have made some progress on the MD5 avalanche problem (https://github.com/221294583/crc32). It is said that CRC32 realizes avalanche through recursive XOR of polynomials and original values at the same time. I think MD5 is the same, but I can't understand the code of MD5. Can you help me explain this code? https://github.com/blueimp/JavaScript-MD5 It is a big mass of code, as in my link. I am not a developer of the project. I am using the MD5 utility for my project, and maybe JavaScript also just calls the utility. CRC32 is another method.

DannyNiu
Side note: MD5 does not provide cryptographic grade integrity protection and should be avoided. Even if you're willing to trade security for performance, BLAKE2s-128 is a better choice in terms of efficiency, unless you've got the requirement to utilize existing hardware.
Score:1

MD5 works fundamentally differently from CRCs.

I'm not familiar with CRC algorithms, except only for knowing that they provide basic high-throughput integrity protection.

MD5 (along with others in the Merkle-Damgård cryptographic hash function family, such as SHA-1, SHA-256, etc.) has roughly 4 layers:

Merkle-Damgård construction, which consists of:

  • MD-compliant message padding, for making sure messages of different lengths result in different sequences of message blocks. Different messages of the same length are not the main concern of MD-compliant padding.

  • A series of iterations of the compression function $C(h,m)$, where $h$ is the digest from the previous iteration of the compression function (or the initialization vector if this is the initial iteration); and $m$ is the message block for the current iteration.

The construction of the compression function from block ciphers.

The Davies-Meyer construction is the one used in MD5, SHA-1, and the SHA-2 family. It encrypts the digest with the message block as the key, then adds or XORs the digest to the new output block to make the compression function one-way.

The construction of the block cipher.

There are two major paradigms: a) Substitution-Permutation Network (SPN), b) Feistel Network. MD5, SHA-1, and the SHA-2 family use the latter.

A Feistel Network iteratively alters one half of the block cipher block with a value calculated, using a round function, from the other half of the block; the round function calculation involves the subkey derived from the main key, which, in the case of hash functions, is the current message block.

Construction of the round function.

The main concern of the Feistel Network is to increase confusion and diffusion by iteratively applying the round function, and the round function needs to provide some necessary minimum randomness.

  • The ARX paradigm (arithmetic addition, rotation/shifts, and xor operations) is a popular choice.
  • Binary polynomial is another.
DannyNiu
I'm pretty sure I've seen similar answers before. Can someone link to it please?