logo
GeekFormat

MD5 雜湊

輸入0 字元 · 0 位元組
示例:
All Hashes (side-by-side)
Computed via Web Crypto API
MD5
32 hex
SHA-1
40 hex
SHA-256
64 hex
SHA-384
96 hex
SHA-512
128 hex

免費線上 MD5 雜湊計算工具,支援文字、檔案、批量逐行與 HMAC-MD5 四種模式。UTF-8/Latin1 編碼,大小寫輸出,8位分組。⚠️ MD5 已不安全,請勿用於密碼儲存。

相關推薦

適用場景

  • File integrity: compute MD5 after downloading to verify against official checksums
  • Batch digest generation for config files or release notes
  • HMAC-MD5 signing for legacy system integration
  • Data deduplication via quick MD5 comparison
  • Cache key generation as short unique identifiers
  • Learning: understand hash algorithms by comparing MD5/SHA-1/SHA-256 outputs

功能特點

  • Four modes: Text, File, Batch line-by-line, and HMAC-MD5 covering common checksum scenarios
  • UTF-8/Latin1 encoding selectable to match different system inputs
  • Uppercase output and 8-char grouping for human readability
  • Chunked file hashing: incremental reading for large files avoids memory issues
  • Batch mode: each line hashed independently with original→hash output
  • One-click copy of results

使用方法

  1. Select mode: Text, File, Batch, or HMAC-MD5
  2. Set parameters: encoding, uppercase, 8-char grouping
  3. Enter text, upload file, or paste batch content
  4. Copy the hash result for verification or scripts

常見問題

What is MD5 commonly used for?

MD5 is used for file integrity checks (verifying downloads), fast deduplication, cache keys, and legacy system compatibility. It outputs 128-bit (32 hex chars) and is very fast, suitable for non-security scenarios.

MD5 vs SHA-256?

MD5 outputs 128-bit (32 hex), is very fast but broken. SHA-256 outputs 256-bit (64 hex), is slower but has no practical collision attacks, and is preferred for security-critical uses.

SHA-256 Tool

Why is MD5 unsafe for passwords?

MD5 is extremely fast — modern GPUs can compute billions of hashes per second, and rainbow tables make quick work of common passwords. Use bcrypt, scrypt, or Argon2 for password storage.

Password Generator

MD5 is broken — can I still use it?

Absolutely NOT for security (digital signatures, passwords, TLS). But for non-security uses (file corruption checks, dedup, cache keys), MD5 is still fine because attackers have no incentive to create collisions.

Can MD5 hashes be "decrypted"?

MD5 is one-way and cannot be reversed mathematically, but rainbow tables and brute force can recover weak passwords in seconds. This is why MD5 must never be used for password storage.

Will large files cause lag?

No. The tool uses chunked incremental reading — files are not loaded entirely into memory, so even multi-GB files process smoothly with a responsive UI.

What is HMAC-MD5 vs plain MD5?

HMAC-MD5 is a keyed hash that requires a secret key. While plain MD5 is broken, HMAC-MD5 is still secure when the key is unknown (though migration to HMAC-SHA256 is recommended).

HMAC Generator

什麼是 MD5?

MD5 是 Ronald Rivest 於 1991 年設計的 128 位雜湊函數(RFC 1321),2004 年被王小雲團隊發現碰撞攻擊,2008 年 Flame 利用 MD5 碰撞偽造 CA 憑證。

MD5 在安全場景(數位簽章、密碼儲存、TLS)已被 NIST 廢棄,但在檔案完整性校驗、去重、快取鍵等非安全場景仍然可用。

絕不要用 MD5 儲存密碼——請使用 bcrypt、scrypt 或 Argon2 等慢速雜湊演算法。

HMAC-MD5 在密鑰未知時仍然安全,但建議遷移至 HMAC-SHA256。

本工具使用純 JavaScript 實現,所有計算在瀏覽器本機完成,檔案採用分片增量讀取不上傳伺服器。

术语表

Hash Function
A mathematical function mapping arbitrary-length input to fixed-length output. Good hash functions provide one-way-ness, collision resistance, and avalanche effect.
Collision Attack
Finding two distinct inputs that produce the same hash output. MD5 collisions were demonstrated by Wang et al. in 2004, enabling forged digital signatures.
Preimage Attack
Finding an input that produces a given hash output. Harder than collisions, but new 2024 research significantly weakened MD5 preimage resistance.
Rainbow Table
Precomputed hash→plaintext lookup tables for quickly cracking weak password hashes. Salting defeats rainbow tables.
HMAC
Hash-based Message Authentication Code using a secret key for message integrity/authentication. HMAC-MD5 and HMAC-SHA256 are common variants.HMAC Generator
bcrypt
A slow password-hashing algorithm with built-in salting and configurable cost factor, making brute-force attacks prohibitively expensive.
Checksum
A small fixed value used to verify data integrity. MD5, SHA-1, SHA-256 are commonly used as checksums to detect transmission corruption.
Avalanche Effect
A small input change (even 1 bit) causes a drastic, unpredictable change in output hash. MD5 still has good avalanche properties, contributing to its ongoing utility in non-security checks.
RFC 1321
The official MD5 standard submitted to IETF by Ronald Rivest in 1992, describing the algorithm's steps and test vectors.
Chunked Hashing
Processing large files in blocks rather than loading the entire file into memory, incrementally updating the hash state.

Common Hash Algorithm Comparison

AlgorithmOutputHex LengthSecuritySpeedRecommended Use
MD5128-bit32 chars❌ Broken (collisions/preimage)ExtremeFile checksums, dedup, cache keys
SHA-1160-bit40 chars❌ Collisions (2017)FastGit, legacy compat
SHA-256256-bit64 chars✅ SecureMediumDigital signatures, certs, blockchain
SHA-512512-bit128 chars✅ SecureFast (64-bit)High-security, key derivation
bcrypt-60 chars✅ Password-specializedSlow (configurable)Password storage

MD5 Security Event Timeline

YearEventImpact
1991Ron Rivest designs MD5 (RFC 1321)Replaces MD4, becomes mainstream
1996First pseudo-collision flaw discoveredAcademic community raises concerns
2004Wang et al. demonstrate MD5 collision attackMD5 digital signatures completely broken
2008Flame malware forges CA certificate via MD5 collisionNIST officially deprecates MD5 for signatures
2011NIST SP 800-131A bans MD5 for security usesUS government systems phase out MD5
2024New preimage attack publishedMD5 last line of defense breached

Code Examples

MD5/Hashing in JavaScript (Web Crypto supports SHA, MD5 needs library)

// Note: Web Crypto API does NOT support MD5 (deprecated)
// Use SHA-256 instead for new projects
async function sha256(message) {
  const msgBuffer = new TextEncoder().encode(message);
  const hashBuffer = await crypto.subtle.digest('SHA-256', msgBuffer);
  return Array.from(new Uint8Array(hashBuffer)).map(b => b.toString(16).padStart(2,'0')).join('');
}
sha256('Hello World').then(console.log);

// MD5 in Node.js using crypto module
const crypto = require('crypto');
const md5 = crypto.createHash('md5').update('Hello World').digest('hex');
console.log(md5); // b10a8db164e0754105b7a99be72e3fe5

MD5 Hashing in Python

import hashlib
text = 'Hello World'
md5_hash = hashlib.md5(text.encode('utf-8')).hexdigest()
print(md5_hash)  # b10a8db164e0754105b7a99be72e3fe5

# File MD5 (chunked for large files)
def md5_file(filepath, chunk_size=8192):
    md5 = hashlib.md5()
    with open(filepath, 'rb') as f:
        while chunk := f.read(chunk_size):
            md5.update(chunk)
    return md5.hexdigest()

# HMAC-MD5
import hmac
hmac_md5 = hmac.new(b'secret-key', b'Hello World', hashlib.md5).hexdigest()
print(hmac_md5)

MD5 Hashing in Java

import java.security.MessageDigest;
import java.nio.charset.StandardCharsets;

public class MD5Example {
    public static String md5(String input) throws Exception {
        MessageDigest md = MessageDigest.getInstance("MD5");
        byte[] hash = md.digest(input.getBytes(StandardCharsets.UTF_8));
        StringBuilder sb = new StringBuilder();
        for (byte b : hash) sb.append(String.format("%02x", b));
        return sb.toString();
    }
    public static void main(String[] args) throws Exception {
        System.out.println(md5("Hello World"));
        // b10a8db164e0754105b7a99be72e3fe5
    }
}
// Note: Use SHA-256 for new code: MessageDigest.getInstance("SHA-256")

Authoritative References