Security Analysis of MD5 algorithm in Password Storage
Authors
Mary Cindy Ah Kioon, ZhaoShun Wang, Shubra Deb Das
Corresponding Author
Mary Cindy Ah Kioon
Available Online February 2013.
- DOI
- 10.2991/isccca.2013.177How to use a DOI?
- Keywords
- component, MD5, Password Storage Security, Data Security, Dictionary attacks, Rainbow Tables
- Abstract
Hashing algorithms are commonly used to convert passwords into hashes which theoretically cannot be deciphered. This paper analyses the security risks of the hashing algorithm MD5 in password storage and discusses different solutions, such as salts and iterative hashing. We propose a new approach to using MD5 in password storage by using external information, a calculated salt and a random key to encrypt the password before the MD5 calculation. We suggest using key stretching to make the hash calculation slower and using XOR cipher to make the final hash value impossible to find in any standard rainbow table.
- Copyright
- © 2013, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF AU - Mary Cindy Ah Kioon AU - ZhaoShun Wang AU - Shubra Deb Das PY - 2013/02 DA - 2013/02 TI - Security Analysis of MD5 algorithm in Password Storage BT - Proceedings of the 2nd International Symposium on Computer, Communication, Control and Automation (ISCCCA 2013) PB - Atlantis Press SP - 706 EP - 709 SN - 1951-6851 UR - https://doi.org/10.2991/isccca.2013.177 DO - 10.2991/isccca.2013.177 ID - AhKioon2013/02 ER -