[ Documentation page ]
This page provides some information about the algorithms used. For each algorithm, its history, its use and any known weaknesses are explained.
For further details you can use the links provided below.
[ MD5 Algorithm ]
In cryptography, MD5 (Message-Digest algorithm 5) is a widely used cryptographic hash function with a 128-bit hash value. Specified in RFC 1321, MD5 has been employed in a wide variety of security applications, and is also commonly used to check the integrity of files. However, it has been shown that MD5 is not collision resistant; as such, MD5 is not suitable for applications like SSL certificates or digital signatures that rely on this property. An MD5 hash is typically expressed as a 32-digit hexadecimal number.
MD5 was designed by Ron Rivest in 1991 to replace an earlier hash function, MD4. In 1996, a flaw was found in the design of MD5. While it was not a clearly fatal weakness, cryptographers began recommending the use of other algorithms, such as SHA-1 (which has since also been found to be vulnerable). In 2004, more serious flaws were discovered, making further use of the algorithm for security purposes questionable. In 2007 a group of researchers described how to create a pair of files that share the same MD5 checksum. In an attack on MD5 published in December 2008, a group of researchers used this technique to fake SSL certificate validity. US-CERT of the U.S. Department of Homeland Security said MD5 "should be considered cryptographically broken and unsuitable for further use," and most U.S. government applications will be required to move to the SHA-2 family of hash functions after 2010.
MD5 digests have been widely used in the software world to provide some assurance that a transferred file has arrived intact. For example, file servers often provide a pre-computed MD5 checksum for the files, so that a user can compare the checksum of the downloaded file to it. Unix-based operating systems include MD5 sum utilities in their distribution packages, whereas Windows users use third-party applications.
MD5 is widely used to store passwords. To mitigate the weaknesses mentioned above, a salt can be added to each password before hashing it. Some implementations apply the hash function more than once; see key strengthening.
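The salting and repeated hashing described above, as an added example that is not part of the original page: a bare MD5 of a password, a salted and iterated variant with a constant-time check, and the standard-library password KDF a practitioner would use instead. The record format and the round count are assumptions made for this example.

```python
# Added example: why a bare MD5 of a password is weak as a stored credential,
# and what salting and iterated hashing ("key strengthening") change.
import hashlib
import hmac
import os

ROUNDS = 100_000  # iteration count chosen for this example

def unsalted_md5(password: str) -> str:
    """Plain MD5: equal passwords give equal hashes, so one precomputed
    table of common passwords cracks every account that uses them at once."""
    return hashlib.md5(password.encode()).hexdigest()

def salted_md5(password: str, salt: bytes, rounds: int = ROUNDS) -> str:
    """Per-user random salt plus repeated hashing: the same password now
    yields a different digest for every user, and each guess costs `rounds`
    MD5 computations instead of one."""
    digest = salt + password.encode()
    for _ in range(rounds):
        digest = hashlib.md5(salt + digest).digest()
    return digest.hex()

def make_record(password: str) -> str:
    """Store the salt next to the hash (assumed format: rounds$salt$hash);
    the salt is not secret, it only has to be unique per user."""
    salt = os.urandom(16)
    return f"{ROUNDS}${salt.hex()}${salted_md5(password, salt)}"

def check_password(record: str, candidate: str) -> bool:
    """Recompute with the stored salt and rounds; compare in constant time."""
    rounds, salt_hex, expected = record.split("$")
    actual = salted_md5(candidate, bytes.fromhex(salt_hex), int(rounds))
    return hmac.compare_digest(actual, expected)

def preferred_record(password: str) -> str:
    """What current practice uses instead of a home-grown MD5 loop:
    a purpose-built password KDF (PBKDF2 here, from the standard library)."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)
    return f"pbkdf2_sha256${ROUNDS}${salt.hex()}${dk.hex()}"
```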
Read the entire original article about the MD5 algorithm.
[ SHA1 Algorithm ]
In cryptography, SHA-1 is a cryptographic hash function designed by the National Security Agency (NSA) and published by the NIST as a U.S. Federal Information Processing Standard. SHA stands for Secure Hash Algorithm. The three SHA algorithms are structured differently and are distinguished as SHA-0, SHA-1, and SHA-2. SHA-1 is very similar to SHA-0, but corrects an error in the original SHA hash specification that led to significant weaknesses. The SHA-0 algorithm was not adopted by many applications. SHA-2 on the other hand significantly differs from the SHA-1 hash function.
SHA-1 is the most widely used of the existing SHA hash functions, and is employed in several widely-used security applications and protocols. In 2005, security flaws were identified in SHA-1, namely that a mathematical weakness might exist, indicating that a stronger hash function would be desirable. Although no successful attacks have yet been reported on the SHA-2 variants, they are algorithmically similar to SHA-1 and so efforts are underway to develop improved alternatives. A new hash standard, SHA-3, is currently under development — an ongoing NIST hash function competition is scheduled to end with the selection of a winning function in 2012.
SHA-1 forms part of several widely-used security applications and protocols, including TLS and SSL, PGP, SSH, S/MIME, and IPsec. Those applications can also use MD5; both MD5 and SHA-1 are descended from MD4. SHA-1 hashing is also used in distributed revision control systems such as Git, Mercurial, and Monotone to identify revisions, and to detect data corruption or tampering.
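The use of SHA-1 in Git mentioned above, as an added example that is not part of the original page: Git identifies a file object ("blob") by the SHA-1 of a type/length header followed by the content, and re-hashing on read-back detects corruption or tampering. The function names are assumptions; the two expected ids are the well-known values Git produces for an empty file and for "hello\n".

```python
# Added example: Git-style SHA-1 object ids and the integrity check they give.
import hashlib
import hmac

def git_blob_id(content: bytes) -> str:
    """Git hashes b"blob <size>\0" + content, not the bare content, so the
    object type and length are bound into the identifier as well."""
    header = b"blob %d\0" % len(content)
    return hashlib.sha1(header + content).hexdigest()

def verify_blob(expected_id: str, content: bytes) -> bool:
    """Recompute the id when the object is read back; any flipped byte,
    truncation or appended data yields a different id."""
    return hmac.compare_digest(git_blob_id(content), expected_id)

def tamper_detected(original: bytes, stored: bytes) -> bool:
    """True when `stored` no longer matches the id recorded for `original`."""
    return not verify_blob(git_blob_id(original), stored)
```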
Read the entire original article about the SHA-1 algorithm.
[ NTLM Authentication Protocol ]
NTLM (NT LAN Manager) (not to be confused with LAN Manager) is a Microsoft authentication protocol. MS-CHAP is similar and is used for authentication with Microsoft remote access protocols. It is the successor of LANMAN (Microsoft LAN Manager), an older Microsoft authentication protocol, and attempted to be backwards compatible with LANMAN. NTLM was followed by NTLMv2, at which time the original was renamed to NTLMv1.
NTLM is typically used for single sign-on on intranets, but is slowly being replaced by Kerberos. Microsoft has embedded the NTLM authentication into several communication protocols, such as HTTP, POP3 and SMTP.
Before official documentation of the protocol was available, it was analyzed by the Samba team through network analysis. The cryptographic calculations are identical to those of MS-CHAP and are documented in RFC 2433 for v1 and RFC 2759 for v2. Both MS-CHAP v1 and v2 have been analyzed; Bruce Schneier, Peiter "Mudge" Zatko and David Wagner, among other researchers, found weaknesses in both protocols. Still, both protocols remain in widespread use.
Many implementations are by Microsoft. In addition, a large amount of third-party software also implements NTLM. This includes many open source applications that run on non-Microsoft platforms, e.g. Linux/Unix, thereby allowing such applications to interoperate with Microsoft products such as Active Directory, Exchange Server (mail server), Internet Information Services (HTTP server), etc.
Many non-Microsoft implementations were developed at a time when no official documentation was available from Microsoft, that is, before 2007. Such implementations are based on reverse engineering. None of the major open source implementations of NTLM (Samba, Cyrus SASL, Squid, etc.) seem to have redesigned their software after the official documentation became available in 2007; they are still based on a reverse-engineered understanding of the protocol.
Read the entire original article about NTLM.
[ Base 64 Encoding ]
Base64 is a generic term for any number of similar encoding schemes that encode binary data by treating it numerically and translating it into a base 64 representation. The term Base64 originates from a specific MIME content transfer encoding.
Base64 encoding schemes are commonly used when binary data needs to be stored and transferred over media that are designed to deal with textual data. This is to ensure that the data remains intact without modification during transport. Base64 is commonly used in a number of applications, including email via MIME and storing complex data in XML.
The particular choice of characters that make up the 64 symbols required for Base64 varies between implementations. The general rule is to choose a set of 64 characters that is both part of a subset common to most encodings and also printable. This combination leaves the data unlikely to be modified in transit through systems, such as email, which were traditionally not 8-bit clean. For example, MIME's Base64 implementation uses A–Z, a–z, and 0–9 for the first 62 values. Other variations, usually derived from Base64, share this property but differ in the symbols chosen for the last two values; an example is UTF-7.
The earliest instances of this type of encoding were created for dial-up communication between systems running the same OS - e.g. uuencode for UNIX, BinHex for the TRS-80 (later adapted for the Macintosh) - and could therefore make more assumptions about what characters were safe to use. For instance, uuencode uses uppercase letters, digits, and many punctuation characters, but no lowercase, since UNIX was sometimes used with terminals that did not support distinct letter case.
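The numeric translation and alphabet choice described above, as an added example that is not part of the original page: a from-scratch Base64 encoder/decoder that treats each 3-byte group as a 24-bit number split into four 6-bit digits, with the alphabet as a parameter so that a variant differing only in the last two symbols (the URL-safe "-_" instead of MIME's "+/") drops in unchanged. The decoder rejects symbols outside the alphabet; the function names are assumptions.

```python
# Added example: Base64 as arithmetic, with the alphabet as a parameter.
import base64  # standard library, used only to cross-check the hand-rolled code

STD_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
URL_ALPHABET = STD_ALPHABET[:62] + "-_"   # same 62 symbols, different last two

def b64encode(data: bytes, alphabet: str = STD_ALPHABET) -> str:
    """Each 3-byte group is a 24-bit number emitted as four base-64 digits;
    '=' pads the final group when fewer than three bytes remain."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        n = int.from_bytes(chunk.ljust(3, b"\0"), "big")  # zero-fill to 24 bits
        digits = [(n >> shift) & 0x3F for shift in (18, 12, 6, 0)]
        nsym = len(chunk) + 1          # 1 byte -> 2 symbols, 2 -> 3, 3 -> 4
        out.append("".join(alphabet[d] for d in digits[:nsym]) + "=" * (4 - nsym))
    return "".join(out)

def b64decode(text: str, alphabet: str = STD_ALPHABET) -> bytes:
    """Inverse mapping; rejects symbols outside the alphabet and bad lengths."""
    value_of = {c: i for i, c in enumerate(alphabet)}
    text = text.rstrip("=")
    if len(text) % 4 == 1:
        raise ValueError("invalid Base64 length")
    out = bytearray()
    for i in range(0, len(text), 4):
        chunk = text[i:i + 4]
        n = 0
        for c in chunk:
            if c not in value_of:
                raise ValueError(f"symbol {c!r} is not in the alphabet")
            n = (n << 6) | value_of[c]
        n <<= 6 * (4 - len(chunk))  # pad missing symbols back to 24 bits
        out += n.to_bytes(3, "big")[: len(chunk) - 1]
    return bytes(out)

def matches_stdlib(data: bytes) -> bool:
    """Round-trip and cross-check against the standard library for both alphabets."""
    std_ok = (b64encode(data) == base64.b64encode(data).decode()
              and b64decode(b64encode(data)) == data)
    url_ok = (b64encode(data, URL_ALPHABET) == base64.urlsafe_b64encode(data).decode()
              and b64decode(b64encode(data, URL_ALPHABET), URL_ALPHABET) == data)
    return std_ok and url_ok
```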
Read the entire original article about Base64 encoding.
