logo
GeekFormat

MD5 Hash

Input0 characters · 0 bytes
示例:
All Hashes (side-by-side)
Computed via Web Crypto API
MD5
32 hex
SHA-1
40 hex
SHA-256
64 hex
SHA-384
96 hex
SHA-512
128 hex

Free online MD5 hash tool. Text/file/batch/HMAC-MD5 modes, UTF-8/Latin1, uppercase, 8-char grouping. ⚠️ MD5 is broken — do NOT use for password storage.

Related

Use Cases

  • File integrity: compute MD5 after downloading to verify against official checksums
  • Batch digest generation for config files or release notes
  • HMAC-MD5 signing for legacy system integration
  • Data deduplication via quick MD5 comparison
  • Cache key generation as short unique identifiers
  • Learning: understand hash algorithms by comparing MD5/SHA-1/SHA-256 outputs

Features

  • Four modes: Text, File, Batch line-by-line, and HMAC-MD5 covering common checksum scenarios
  • UTF-8/Latin1 encoding selectable to match different system inputs
  • Uppercase output and 8-char grouping for human readability
  • Chunked file hashing: incremental reading for large files avoids memory issues
  • Batch mode: each line hashed independently with original→hash output
  • One-click copy of results

How to Use

  1. Select mode: Text, File, Batch, or HMAC-MD5
  2. Set parameters: encoding, uppercase, 8-char grouping
  3. Enter text, upload file, or paste batch content
  4. Copy the hash result for verification or scripts

FAQ

What is MD5 commonly used for?

MD5 is used for file integrity checks (verifying downloads), fast deduplication, cache keys, and legacy system compatibility. It outputs 128-bit (32 hex chars) and is very fast, suitable for non-security scenarios.

MD5 vs SHA-256?

MD5 outputs 128-bit (32 hex), is very fast but broken. SHA-256 outputs 256-bit (64 hex), is slower but has no practical collision attacks, and is preferred for security-critical uses.

SHA-256 Tool

Why is MD5 unsafe for passwords?

MD5 is extremely fast — modern GPUs can compute billions of hashes per second, and rainbow tables make quick work of common passwords. Use bcrypt, scrypt, or Argon2 for password storage.

Password Generator

MD5 is broken — can I still use it?

Absolutely NOT for security (digital signatures, passwords, TLS). But for non-security uses (file corruption checks, dedup, cache keys), MD5 is still fine because attackers have no incentive to create collisions.

Can MD5 hashes be "decrypted"?

MD5 is one-way and cannot be reversed mathematically, but rainbow tables and brute force can recover weak passwords in seconds. This is why MD5 must never be used for password storage.

Will large files cause lag?

No. The tool uses chunked incremental reading — files are not loaded entirely into memory, so even multi-GB files process smoothly with a responsive UI.

What is HMAC-MD5 vs plain MD5?

HMAC-MD5 is a keyed hash that requires a secret key. While plain MD5 is broken, HMAC-MD5 is still secure when the key is unknown (though migration to HMAC-SHA256 is recommended).

HMAC Generator

What is MD5?

MD5 (Message-Digest Algorithm 5) is a 128-bit hash function designed by Ronald Rivest in 1991 (RFC 1321), producing a fixed 32-character hexadecimal digest from arbitrary input. Widely used for digital signatures, certificate verification, and password storage, MD5 was broken by Wang et al.'s collision attack in 2004, and Flame malware exploited MD5 collisions to forge a trusted CA certificate in 2008.

**Security status**: NIST formally deprecated MD5 for digital signatures in SP 800-131A (2011). However, MD5 remains useful for non-security scenarios: file integrity checks against accidental corruption, data deduplication, and cache keys. The key question: would an attacker benefit from creating a collision? If not, MD5's speed is an advantage.

**Never use MD5 for password storage**: MD5 is extremely fast (billions of hashes/sec on GPU), allowing instant brute-force on common passwords. Password storage MUST use bcrypt, scrypt, or Argon2 — slow hashes with configurable cost factors that make brute-force infeasible.

**HMAC-MD5 is still secure**: although plain MD5 is broken, HMAC-MD5 (keyed hash message authentication code) remains secure when the key is unknown because HMAC construction does not directly rely on the hash's collision resistance. Migration to HMAC-SHA256 is still recommended.

The tool uses a pure JavaScript MD5 implementation (Web Crypto API no longer supports MD5). All computation happens locally in your browser — files use chunked incremental reading and are never uploaded.

术语表

Hash Function
A mathematical function mapping arbitrary-length input to fixed-length output. Good hash functions provide one-way-ness, collision resistance, and avalanche effect.
Collision Attack
Finding two distinct inputs that produce the same hash output. MD5 collisions were demonstrated by Wang et al. in 2004, enabling forged digital signatures.
Preimage Attack
Finding an input that produces a given hash output. Harder than collisions, but new 2024 research significantly weakened MD5 preimage resistance.
Rainbow Table
Precomputed hash→plaintext lookup tables for quickly cracking weak password hashes. Salting defeats rainbow tables.
HMAC
Hash-based Message Authentication Code using a secret key for message integrity/authentication. HMAC-MD5 and HMAC-SHA256 are common variants.HMAC Generator
bcrypt
A slow password-hashing algorithm with built-in salting and configurable cost factor, making brute-force attacks prohibitively expensive.
Checksum
A small fixed value used to verify data integrity. MD5, SHA-1, SHA-256 are commonly used as checksums to detect transmission corruption.
Avalanche Effect
A small input change (even 1 bit) causes a drastic, unpredictable change in output hash. MD5 still has good avalanche properties, contributing to its ongoing utility in non-security checks.
RFC 1321
The official MD5 standard submitted to IETF by Ronald Rivest in 1992, describing the algorithm's steps and test vectors.
Chunked Hashing
Processing large files in blocks rather than loading the entire file into memory, incrementally updating the hash state.

Common Hash Algorithm Comparison

AlgorithmOutputHex LengthSecuritySpeedRecommended Use
MD5128-bit32 chars❌ Broken (collisions/preimage)ExtremeFile checksums, dedup, cache keys
SHA-1160-bit40 chars❌ Collisions (2017)FastGit, legacy compat
SHA-256256-bit64 chars✅ SecureMediumDigital signatures, certs, blockchain
SHA-512512-bit128 chars✅ SecureFast (64-bit)High-security, key derivation
bcrypt-60 chars✅ Password-specializedSlow (configurable)Password storage

MD5 Security Event Timeline

YearEventImpact
1991Ron Rivest designs MD5 (RFC 1321)Replaces MD4, becomes mainstream
1996First pseudo-collision flaw discoveredAcademic community raises concerns
2004Wang et al. demonstrate MD5 collision attackMD5 digital signatures completely broken
2008Flame malware forges CA certificate via MD5 collisionNIST officially deprecates MD5 for signatures
2011NIST SP 800-131A bans MD5 for security usesUS government systems phase out MD5
2024New preimage attack publishedMD5 last line of defense breached

Code Examples

MD5/Hashing in JavaScript (Web Crypto supports SHA, MD5 needs library)

// Note: Web Crypto API does NOT support MD5 (deprecated)
// Use SHA-256 instead for new projects
async function sha256(message) {
  const msgBuffer = new TextEncoder().encode(message);
  const hashBuffer = await crypto.subtle.digest('SHA-256', msgBuffer);
  return Array.from(new Uint8Array(hashBuffer)).map(b => b.toString(16).padStart(2,'0')).join('');
}
sha256('Hello World').then(console.log);

// MD5 in Node.js using crypto module
const crypto = require('crypto');
const md5 = crypto.createHash('md5').update('Hello World').digest('hex');
console.log(md5); // b10a8db164e0754105b7a99be72e3fe5

MD5 Hashing in Python

import hashlib
text = 'Hello World'
md5_hash = hashlib.md5(text.encode('utf-8')).hexdigest()
print(md5_hash)  # b10a8db164e0754105b7a99be72e3fe5

# File MD5 (chunked for large files)
def md5_file(filepath, chunk_size=8192):
    md5 = hashlib.md5()
    with open(filepath, 'rb') as f:
        while chunk := f.read(chunk_size):
            md5.update(chunk)
    return md5.hexdigest()

# HMAC-MD5
import hmac
hmac_md5 = hmac.new(b'secret-key', b'Hello World', hashlib.md5).hexdigest()
print(hmac_md5)

MD5 Hashing in Java

import java.security.MessageDigest;
import java.nio.charset.StandardCharsets;

public class MD5Example {
    public static String md5(String input) throws Exception {
        MessageDigest md = MessageDigest.getInstance("MD5");
        byte[] hash = md.digest(input.getBytes(StandardCharsets.UTF_8));
        StringBuilder sb = new StringBuilder();
        for (byte b : hash) sb.append(String.format("%02x", b));
        return sb.toString();
    }
    public static void main(String[] args) throws Exception {
        System.out.println(md5("Hello World"));
        // b10a8db164e0754105b7a99be72e3fe5
    }
}
// Note: Use SHA-256 for new code: MessageDigest.getInstance("SHA-256")

Authoritative References