Is Md5 Encryption Symmetric or Asymmetric?

iphone cocoa cryptography passwords md5
10,191

Solution 1

MD5 is a hashing function, thus by definition it is not reversible. This is not the case for encryption (either symmetric or asymmetric), which has to be reversible to be useful.

To be more precise, hashes are one-way functions, in that an infinite number of inputs can map to a single output, thus it is impossible to obtain the exact input, with certainty, that resulted in a given output.

However, it may be possible to find a different input that hashes to the same output. This is called a collision.

Generally, hashing passwords instead of storing the plain text (even encrypted) is a good idea. (Even better if using a salt) However, MD5 has known weaknesses (and large collections of rainbow tables that aid in finding collisions), thus it would be a good idea to switch to something like SHA-1 or one of the SHA-2 family of hashes.

However, to answer your original question, there is really is no way to compare MD5 or any hash against any type of encryption; they have no equivalents because it's like comparing apples and oranges.

Solution 2

md5 isn't really symmetric or asymmetric encryption because it isn't reversible either symmetrically or asymmetrically. It's a Message Digest (secure hash) algorithm.

Solution 3

It's not encryption, it's a digest. If you didn't salt it, it's not particularly secure, but they're asking you the wrong question.

What exactly are you doing with MD5 and passwords? There are standard ways of doing things here, and it's always better to use one, but without knowing what you want to do it's hard to point you at a relevant standard.

Solution 4

It is NOT encryption at all.

Solution 5

Apple asks the question about the use of MD5 for hashing passwords to see if it requires authorization for export from the Department of Commerce/Bureau of Industry and Security.

The answer for that purpose is that using MD5 for password protection is not controlled as strong encryption (like symmetric algorithms in excess of 64 bits) in accord with the Technical Note to 15 CFR part 774, Supplement 1, ECCN 5A002, paragraph a.1, which describes using encryption for password protection. However, it may still be controlled under ECCN 5A992.

http://www.bis.doc.gov/encryption/ccl5pt2.pdf

The other answers are not helpful in the context of why the question was asked.

Also, you may want to call the Department of Commerce/Bureau of Industry and Security at 202-482-0707 and ask about your specific application.

Share:
10,191
PF1
Author by

PF1

Updated on June 12, 2022

Comments

  • PF1
    PF1 about 2 years

    For my iPhone application, Apple wants to know if my password encryption (md5) is greater then 64-bit symmetric or greater then 1024-bit symmetric. I have not been able to find it online, so I am wondering if anyone knows the answer. In addition, is this considered an appropriate encryption technology for passwords, or should I use something different?

    Thanks for any help!

  • PF1
    PF1 over 14 years
    Hi Peter: Does this mean that my app doesn't "contain encryption"?
  • Peter
    Peter over 14 years
    Strictly speaking, no. Using MD5 or any other hash function so that the actual password is not stored is sometimes referred to as "one-way encryption", though the use of the term encryption is a misnomer: (Obligatory Wikipedia link: en.wikipedia.org/wiki/One-way_encryption)
  • John M.
    John M. over 14 years
    I know this is late, but just to add on... Instead of using SHA-1 or SHA-2, you could also just try salting a hash or even using both MD5 and SHA-1.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

MD5 algorithm in Objective-C
Login to PostgreSQL using md5 encrypted password and not plaintext password
remove specific characters from NSString
Produce MD5 or SHA1 hash code to long (64 bits)
How to load resources from external framework
Replace " " character in an NSString with "\ " (to create a Unix path)
What exactly does rangeOfCharacterFromSet do?
How to convert elements of NSMutableArray to NSString
NSDate and NSDateFormatter issues
How does NSMutableData work?