How to reverse MD5 to get the original string?

md5
orange picture orange · Sep 5, 2012 · Viewed 133.9k times · Source

Possible Duplicate:
Is it possible to decrypt md5 hashes?

Is it possible to get a string from MD5 in Java?

Firstly a string is converted to MD5 checksum, is it possible to get this MD5 checksum back to the original text?

I'm assuming you use MessageDigest, any help is greatly appreciated, even other java libraries.

Just want to also point out on if it not possible how this app is able to it: https://play.google.com/store/apps/details?id=com.fab.md5&hl=en

I even converted some text to MD5 checksum using another application and used this checksum to see if the app was able to convert it back to text and it did.

Answer

Denys Séguret picture Denys Séguret · Sep 5, 2012

No, that's not really possible, as

  • there can be more than one string giving the same MD5
  • it was designed to be hard to "reverse"

The goal of the MD5 and its family of hashing functions is

  • to get short "extracts" from long string
  • to make it hard to guess where they come from
  • to make it hard to find collisions, that is other words having the same hash (which is a very similar exigence as the second one)

Think that you can get the MD5 of any string, even very long. And the MD5 is only 16 bytes long (32 if you write it in hexa to store or distribute it more easily). If you could reverse them, you'd have a magical compacting scheme.

This being said, as there aren't so many short strings (passwords...) used in the world, you can test them from a dictionary (that's called "brute force attack") or even google for your MD5. If the word is common and wasn't salted, you have a reasonable chance to succeed...