MD5 雜湊
免費線上 MD5 雜湊計算工具,支援文字、檔案、批量逐行與 HMAC-MD5 四種模式。UTF-8/Latin1 編碼,大小寫輸出,8位分組。⚠️ MD5 已不安全,請勿用於密碼儲存。
免費線上 MD5 雜湊計算工具,支援文字、檔案、批量逐行與 HMAC-MD5 四種模式。UTF-8/Latin1 編碼,大小寫輸出,8位分組。⚠️ MD5 已不安全,請勿用於密碼儲存。
MD5 is used for file integrity checks (verifying downloads), fast deduplication, cache keys, and legacy system compatibility. It outputs 128-bit (32 hex chars) and is very fast, suitable for non-security scenarios.
MD5 outputs 128-bit (32 hex), is very fast but broken. SHA-256 outputs 256-bit (64 hex), is slower but has no practical collision attacks, and is preferred for security-critical uses.
SHA-256 ToolMD5 is extremely fast — modern GPUs can compute billions of hashes per second, and rainbow tables make quick work of common passwords. Use bcrypt, scrypt, or Argon2 for password storage.
Password GeneratorAbsolutely NOT for security (digital signatures, passwords, TLS). But for non-security uses (file corruption checks, dedup, cache keys), MD5 is still fine because attackers have no incentive to create collisions.
MD5 is one-way and cannot be reversed mathematically, but rainbow tables and brute force can recover weak passwords in seconds. This is why MD5 must never be used for password storage.
No. The tool uses chunked incremental reading — files are not loaded entirely into memory, so even multi-GB files process smoothly with a responsive UI.
HMAC-MD5 is a keyed hash that requires a secret key. While plain MD5 is broken, HMAC-MD5 is still secure when the key is unknown (though migration to HMAC-SHA256 is recommended).
HMAC GeneratorMD5 是 Ronald Rivest 於 1991 年設計的 128 位雜湊函數(RFC 1321),2004 年被王小雲團隊發現碰撞攻擊,2008 年 Flame 利用 MD5 碰撞偽造 CA 憑證。
MD5 在安全場景(數位簽章、密碼儲存、TLS)已被 NIST 廢棄,但在檔案完整性校驗、去重、快取鍵等非安全場景仍然可用。
絕不要用 MD5 儲存密碼——請使用 bcrypt、scrypt 或 Argon2 等慢速雜湊演算法。
HMAC-MD5 在密鑰未知時仍然安全,但建議遷移至 HMAC-SHA256。
本工具使用純 JavaScript 實現,所有計算在瀏覽器本機完成,檔案採用分片增量讀取不上傳伺服器。
| Algorithm | Output | Hex Length | Security | Speed | Recommended Use |
|---|---|---|---|---|---|
MD5 | 128-bit | 32 chars | ❌ Broken (collisions/preimage) | Extreme | File checksums, dedup, cache keys |
SHA-1 | 160-bit | 40 chars | ❌ Collisions (2017) | Fast | Git, legacy compat |
SHA-256 | 256-bit | 64 chars | ✅ Secure | Medium | Digital signatures, certs, blockchain |
SHA-512 | 512-bit | 128 chars | ✅ Secure | Fast (64-bit) | High-security, key derivation |
bcrypt | - | 60 chars | ✅ Password-specialized | Slow (configurable) | Password storage |
| Year | Event | Impact |
|---|---|---|
1991 | Ron Rivest designs MD5 (RFC 1321) | Replaces MD4, becomes mainstream |
1996 | First pseudo-collision flaw discovered | Academic community raises concerns |
2004 | Wang et al. demonstrate MD5 collision attack | MD5 digital signatures completely broken |
2008 | Flame malware forges CA certificate via MD5 collision | NIST officially deprecates MD5 for signatures |
2011 | NIST SP 800-131A bans MD5 for security uses | US government systems phase out MD5 |
2024 | New preimage attack published | MD5 last line of defense breached |
// Note: Web Crypto API does NOT support MD5 (deprecated)
// Use SHA-256 instead for new projects
async function sha256(message) {
const msgBuffer = new TextEncoder().encode(message);
const hashBuffer = await crypto.subtle.digest('SHA-256', msgBuffer);
return Array.from(new Uint8Array(hashBuffer)).map(b => b.toString(16).padStart(2,'0')).join('');
}
sha256('Hello World').then(console.log);
// MD5 in Node.js using crypto module
const crypto = require('crypto');
const md5 = crypto.createHash('md5').update('Hello World').digest('hex');
console.log(md5); // b10a8db164e0754105b7a99be72e3fe5import hashlib
text = 'Hello World'
md5_hash = hashlib.md5(text.encode('utf-8')).hexdigest()
print(md5_hash) # b10a8db164e0754105b7a99be72e3fe5
# File MD5 (chunked for large files)
def md5_file(filepath, chunk_size=8192):
md5 = hashlib.md5()
with open(filepath, 'rb') as f:
while chunk := f.read(chunk_size):
md5.update(chunk)
return md5.hexdigest()
# HMAC-MD5
import hmac
hmac_md5 = hmac.new(b'secret-key', b'Hello World', hashlib.md5).hexdigest()
print(hmac_md5)import java.security.MessageDigest;
import java.nio.charset.StandardCharsets;
public class MD5Example {
public static String md5(String input) throws Exception {
MessageDigest md = MessageDigest.getInstance("MD5");
byte[] hash = md.digest(input.getBytes(StandardCharsets.UTF_8));
StringBuilder sb = new StringBuilder();
for (byte b : hash) sb.append(String.format("%02x", b));
return sb.toString();
}
public static void main(String[] args) throws Exception {
System.out.println(md5("Hello World"));
// b10a8db164e0754105b7a99be72e3fe5
}
}
// Note: Use SHA-256 for new code: MessageDigest.getInstance("SHA-256")