Reputation: 23
MD5 checksums with salt
I thought that when salt is used, MD5 is computed from concatenation string + salt. So the word 'aaa' and salt 'aa' should be the same like 'aaaa' with salt 'a' or 'aaaaa' without salt.
But this is what I got...
md5pass aaa aa
$1$aa$EeTKacbSboHIR0fSp2UVf0
md5pass aaaa a
$1$a$M2jh3iKJcBEuJdTGjNcsh0
Could you please explain why checksums are different?
Thank you,
Martin
Upvotes: 1
Views: 7834
Answers (1)
Reputation: 23
I mixed up two different things - MD5 checksum and password hash
MD5 checksum is used for checking that a file was not modified. No salt is used, result is usually a hexadecimal number.
MD5 password hash is used to store passwords in non-readable form. It uses MD5(password + salt) in many iterations, result starts with
$1$.
md5pass computes password hash from given passphrase and salt. There are many iterations of md5(pass + salt + result_from_previous_iteration) so not just MD5(pass+salt) as I thought.
http://en.wikipedia.org/wiki/Crypt_%28Unix%29
Upvotes: 1
Related Questions
- md5 hashing using password as salt?
- md5 checksum of pdf file
- ruby: create MD5 checksum with salt?
- checksum and md5, not the same thing?
- create md5 hash (salt+value)
- Use a combination of SHA1+MD5
- How to use salt with md5 technique
- Combining MD5 hash values
- How to validate user
- MD5, password hashing and salt position