Weed, i wish to know what is your justificatin that make u believe that this must not be the case, so that i can learn ur knowledge.
Nope. This is science not religion. Jimson, you are the one making the assertion therefore it's up to you to provide the proof.
jimson said,
if u read this thread properly, i already said that, one of the possible string that able to generate the same hash is one of the number in 1632 which is
ok, how should i explain... to proof it :?
if i am wrong, it means, the total md5 hash values is less than 1632. <- can u get this.
If it hash back before $i=1632 <- not necessary to $i=1(my first hash values)
let say it hash back to $i=4000 <- obviously it will just loop forever in this 4000 to before 1632 <- it will hash back.
so total possible generated md5 is smaller than 3216
if the md5 don't hash back, it will be unlimitted hash values where theoritical, there can be only 1632 hash values.
why i said, there could be one of the number in 1632 that able to generate the same hash like md5('jimsonchang');
becoz, each of the 1632 is unique ( and i presume each of them will generate different hash). and 1632 is the limit for md5 hash.
....
if i am wrong, please guide me... 
i am not perfect.
just suppose that md5() returned a number between 0 and F.
In this example:
md(0) = A
md(A) = 3
md(3) = 4
md(4) = E
md(E) = 0
uh... whoops. Now... we know that the hex numbers 1,2,5,6,7,8,9,B,C,D, and F exist. There is just no guarantee that this "loop" you are creating by hashing previous hashes is going to be one long, continuous loop.
I still fail to see the point of your theoretical exercise. I say theoretical, because there is no way you will ever complete this. MD5 is simply a way of verifying data -- consider it a very complex checksum. It's really not meant to be used for anything else, so I ask you -- what is your point?
i see your example, u are assuming md5 will generate only one character.
and i assure u, if md5 gonna generate only one char hash, then md5(F) will hash back to the hash of md5(0);
i understand md5 is a way of verifying data.
but u see, peeps use it for other purpose...
my point is... to be able to find the first clash hash.... and i believe there is at least one out there....
Originally posted by jimson
i see your example, u are assuming md5 will generate only one character.
No, I'm not assuming any such thing (how did you get that idea?). You appear to be assuming that two strings have the same MD5, one of them must be an MD5 hash written in hexadecimal notation, using the ASCII character set (and that the other one is "jimsonchang").
And even if that was true, I don't see what relevance it would have to how "peeps" (I presume you mean "people", not "peepers") use it.
no, the i see ur example, u are assuming md5 will generate ... bla bla bla is said to Buzzly.. coz he/she shows
md(0) = A
....
Weed, i know u don't asssume such thing... that is for buzz.
weeeeeeed, u mention an important point, about the ascii character for md5... i use the string becoz according to the manual,
string md5 ( string str [, bool raw_output])
i thought md5 only accept string that must be enquote with ' or "
now, i wish to know any of the php developer here.. can tell me
does md5('12345')
and md5(12345)
the same ?
md5('12345') = 827ccb0eea8a706c4c34a16891f84e7b
md5(12345) = 827ccb0eea8a706c4c34a16891f84e7b
IS THE SAME.... WOW... but this
md5('1000A');
md5(1000A);
will generate error
PHP Parse error: parse error, unexpected T_STRING
so... can anyone tell me how to get the real hash of an hex values? or is there one... ?
if we are able to find a hash for a string... then it i don't think we don't have ways to use it... u know what i mean lah...
Originally posted by jimson
i see your example, u are assuming md5 will generate only one character.
and i assure u, if md5 gonna generate only one char hash, then md5(F) will hash back to the hash of md5(0);
Which is why he said "just suppose..." - he'd simplified things right down to make the example clearer. He could have had 32-character strings instead of 1-character strings, and he could have used a more plausible loop that was 3,918,250,578,647,858 hashes long, but (a) it would not have contributed any more to his argument that what he did use, and (b) you'd probably have got upset because md5('acf7ef943fdeb3cbfed8dd0d8f584731
') was not '8666683506aacd900bbd5a74ac4edf68' (and BuzzLY wasn't about to go and construct a real loop!)
So his example (and question) still stand.
Yes... as Weedpacket has explained, my example was simplified, so show how your md5() hash loop is not guaranteed to cover every single possible 32-character hex string.
I understand that you want to find a hash that is returned both for md5("jimsonchang") and some 32-character hex string.
Let's say, you do find it. Good for you. My question to you, which I asked in my last post, is:
so what???
Yes... as Weedpacket has explained, my example was simplified, so show how your md5() hash loop is not guaranteed to cover every single possible 32-character hex string.
no matter they covered the every 32 hex string, that is not important...
if they don't convered the every 32 hex string, i mean before the $i = 1632, there is already a hash back there.
if they don't covered all the 32 hex string, this means md5 cannot hash up to 3216 hashes. maybe can only hash less than 1632 hashes.
maybe
fucntion s(){
md5('apple') = $x;
static $y = $x;
for($i=0; $i<1000; $i++) {
$y = md5($y);
}
}
if it hash back before 1632, then it is good,
maybe we can proof that md5 can't hash up to 1632 hashed?
... ?
i am planning to construct a md5 function using php script...
anyone wanna join..?
so, we will understand the implementation of md5 better.
I only understood (or think I understood) two pieces of that - the rest was simply incoherent.
f they don't covered all the 32 hex string, this means md5 cannot hash up to 1632 hashes. maybe can only hash less than 1632 hashes
.
MD5 can generate a hash for any sequence of binary data, hashes included. So I guess that is supposed to mean "maybe not every sequence of 128 bits is an MD5 hash of some string".
I don't have a cast-iron proof on hand, but looking at the reference implementation in rfc1321, I see no operation that would restrict MD5 to a portion of 128-bit space. The simpler operations and functions are able to generate any desired sequence of 32 bits given appropriate inputs, at least. 'Course, Rivest is more experienced at this sort of thing than me.
Then again, MD5 space could be less than 1% of 128-bit space, and still leave enough real hashes to uniquely identify every book, album, and movie ever published by human beings up to the present day. And have enough left over to individually hash every grain of sand in the solar system.
i am planning to construct a md5 function using php script...
anyone wanna join..?
so, we will understand the implementation of md5 better.
Something like this?
function dh($num)
{ $hex_chr = "0123456789abcdef";
return $hex_chr{(($num >> 4) & 0xf)}.$hex_chr{(($num >> 0) & 0xf)}
. $hex_chr{(($num >> 12) & 0xf)}.$hex_chr{(($num >> 8) & 0xf)}
. $hex_chr{(($num >> 20) & 0xf)}.$hex_chr{(($num >> 16) & 0xf)}
. $hex_chr{(($num >> 28) & 0xf)}.$hex_chr{(($num >> 24) & 0xf)};
}
function str2blks($str)
{
$nblk = ((strlen($str) + 8) >> 6) + 1;
$blks = array_fill(0,$nblk<<4,0);
for($i = 0; $i < strlen($str); $i++)
$blks[$i >> 2] |= ord($str{$i}) << (($i & 3) << 3);
$blks[$i >> 2] |= 0x80 << (($i & 3) << 3);
$blks[($nblk << 4) - 2] = strlen($str) << 3;
return $blks;
}
function add($x,$y)
{ return (($x&0x7fffffff)+($y&0x7fffffff))^($x&0x80000000)^($y&0x80000000);
}
function rol($num,$cnt)
{ $b = substr('00000000000000000000000000000000'.decbin($num),-32);
return bindec(substr($b,$cnt).substr($b,0,$cnt));
}
function cmp($f, $a, $b, $x, $s, $ac)
{ return add(rol(add(add($a, $f), add($x, $ac)), $s), $b);
}
function ff($a, $b, $c, $d, $x, $s, $t)
{ return cmp((($b & $c) | ((~$b) & $d)), $a, $b, $x, $s, $t);
}
function gg($a, $b, $c, $d, $x, $s, $t)
{ return cmp((($b & $d) | ($c & (~$d))), $a, $b, $x, $s, $t);
}
function hh($a, $b, $c, $d, $x, $s, $t)
{ return cmp(($b ^ $c ^ $d), $a, $b, $x, $s, $t);
}
function ii($a, $b, $c, $d, $x, $s, $t)
{ return cmp(($c ^ ($b | (~$d))), $a, $b, $x, $s, $t);
}
function MD5_($str)
{ $x = str2blks($str);
$a = 0x67452301;
$b = 0xefcdab89;
$c = 0x98badcfe;
$d = 0x10325476;
for($i=0; $i<count($x); $i+=16)
{ $olda = $a;
$oldb = $b;
$oldc = $c;
$oldd = $d;
$a = ff($a, $b, $c, $d, $x[$i+ 0], 7 , 0xd76aa478);
$d = ff($d, $a, $b, $c, $x[$i+ 1], 12, 0xe8c7b756);
$c = ff($c, $d, $a, $b, $x[$i+ 2], 17, 0x242070db);
$b = ff($b, $c, $d, $a, $x[$i+ 3], 22, 0xc1bdceee);
$a = ff($a, $b, $c, $d, $x[$i+ 4], 7 , 0xf57c0faf);
$d = ff($d, $a, $b, $c, $x[$i+ 5], 12, 0x4787c62a);
$c = ff($c, $d, $a, $b, $x[$i+ 6], 17, 0xa8304613);
$b = ff($b, $c, $d, $a, $x[$i+ 7], 22, 0xfd469501);
$a = ff($a, $b, $c, $d, $x[$i+ 8], 7 , 0x698098d8);
$d = ff($d, $a, $b, $c, $x[$i+ 9], 12, 0x8b44f7af);
$c = ff($c, $d, $a, $b, $x[$i+10], 17, 0xffff5bb1);
$b = ff($b, $c, $d, $a, $x[$i+11], 22, 0x895cd7be);
$a = ff($a, $b, $c, $d, $x[$i+12], 7 , 0x6b901122);
$d = ff($d, $a, $b, $c, $x[$i+13], 12, 0xfd987193);
$c = ff($c, $d, $a, $b, $x[$i+14], 17, 0xa679438e);
$b = ff($b, $c, $d, $a, $x[$i+15], 22, 0x49b40821);
$a = gg($a, $b, $c, $d, $x[$i+ 1], 5 , 0xf61e2562);
$d = gg($d, $a, $b, $c, $x[$i+ 6], 9 , 0xc040b340);
$c = gg($c, $d, $a, $b, $x[$i+11], 14, 0x265e5a51);
$b = gg($b, $c, $d, $a, $x[$i+ 0], 20, 0xe9b6c7aa);
$a = gg($a, $b, $c, $d, $x[$i+ 5], 5 , 0xd62f105d);
$d = gg($d, $a, $b, $c, $x[$i+10], 9 , 0x02441453);
$c = gg($c, $d, $a, $b, $x[$i+15], 14, 0xd8a1e681);
$b = gg($b, $c, $d, $a, $x[$i+ 4], 20, 0xe7d3fbc8);
$a = gg($a, $b, $c, $d, $x[$i+ 9], 5 , 0x21e1cde6);
$d = gg($d, $a, $b, $c, $x[$i+14], 9 , 0xc33707d6);
$c = gg($c, $d, $a, $b, $x[$i+ 3], 14, 0xf4d50d87);
$b = gg($b, $c, $d, $a, $x[$i+ 8], 20, 0x455a14ed);
$a = gg($a, $b, $c, $d, $x[$i+13], 5 , 0xa9e3e905);
$d = gg($d, $a, $b, $c, $x[$i+ 2], 9 , 0xfcefa3f8);
$c = gg($c, $d, $a, $b, $x[$i+ 7], 14, 0x676f02d9);
$b = gg($b, $c, $d, $a, $x[$i+12], 20, 0x8d2a4c8a);
$a = hh($a, $b, $c, $d, $x[$i+ 5], 4 , 0xfffa3942);
$d = hh($d, $a, $b, $c, $x[$i+ 8], 11, 0x8771f681);
$c = hh($c, $d, $a, $b, $x[$i+11], 16, 0x6d9d6122);
$b = hh($b, $c, $d, $a, $x[$i+14], 23, 0xfde5380c);
$a = hh($a, $b, $c, $d, $x[$i+ 1], 4 , 0xa4beea44);
$d = hh($d, $a, $b, $c, $x[$i+ 4], 11, 0x4bdecfa9);
$c = hh($c, $d, $a, $b, $x[$i+ 7], 16, 0xf6bb4b60);
$b = hh($b, $c, $d, $a, $x[$i+10], 23, 0xbebfbc70);
$a = hh($a, $b, $c, $d, $x[$i+13], 4 , 0x289b7ec6);
$d = hh($d, $a, $b, $c, $x[$i+ 0], 11, 0xeaa127fa);
$c = hh($c, $d, $a, $b, $x[$i+ 3], 16, 0xd4ef3085);
$b = hh($b, $c, $d, $a, $x[$i+ 6], 23, 0x04881d05);
$a = hh($a, $b, $c, $d, $x[$i+ 9], 4 , 0xd9d4d039);
$d = hh($d, $a, $b, $c, $x[$i+12], 11, 0xe6db99e5);
$c = hh($c, $d, $a, $b, $x[$i+15], 16, 0x1fa27cf8);
$b = hh($b, $c, $d, $a, $x[$i+ 2], 23, 0xc4ac5665);
$a = ii($a, $b, $c, $d, $x[$i+ 0], 6 , 0xf4292244);
$d = ii($d, $a, $b, $c, $x[$i+ 7], 10, 0x432aff97);
$c = ii($c, $d, $a, $b, $x[$i+14], 15, 0xab9423a7);
$b = ii($b, $c, $d, $a, $x[$i+ 5], 21, 0xfc93a039);
$a = ii($a, $b, $c, $d, $x[$i+12], 6 , 0x655b59c3);
$d = ii($d, $a, $b, $c, $x[$i+ 3], 10, 0x8f0ccc92);
$c = ii($c, $d, $a, $b, $x[$i+10], 15, 0xffeff47d);
$b = ii($b, $c, $d, $a, $x[$i+ 1], 21, 0x85845dd1);
$a = ii($a, $b, $c, $d, $x[$i+ 8], 6 , 0x6fa87e4f);
$d = ii($d, $a, $b, $c, $x[$i+15], 10, 0xfe2ce6e0);
$c = ii($c, $d, $a, $b, $x[$i+ 6], 15, 0xa3014314);
$b = ii($b, $c, $d, $a, $x[$i+13], 21, 0x4e0811a1);
$a = ii($a, $b, $c, $d, $x[$i+ 4], 6 , 0xf7537e82);
$d = ii($d, $a, $b, $c, $x[$i+11], 10, 0xbd3af235);
$c = ii($c, $d, $a, $b, $x[$i+ 2], 15, 0x2ad7d2bb);
$b = ii($b, $c, $d, $a, $x[$i+ 9], 21, 0xeb86d391);
$a = add($a, $olda);
$b = add($b, $oldb);
$c = add($c, $oldc);
$d = add($d, $oldd);
}
$a = substr('00000000'.dh($a),-8);
$b = substr('00000000'.dh($b),-8);
$c = substr('00000000'.dh($c),-8);
$d = substr('00000000'.dh($d),-8);
return $a.$b.$c.$d;
}
//test
echo MD5_("") . ' ' . strcmp(MD5_(""),md5("")) . "\n";
echo MD5_("a") . ' ' . strcmp(MD5_("a"),md5("a")) . "\n";
echo MD5_("abc") . ' ' . strcmp(MD5_("abc"),md5("abc")) . "\n";
echo MD5_("message digest") . ' ' . strcmp(MD5_("message digest"),md5("message digest")) . "\n";
echo MD5_("abcdefghijklmnopqrstuvwxyz") . ' ' . strcmp(MD5_("abcdefghijklmnopqrstuvwxyz"),md5("abcdefghijklmnopqrstuvwxyz")) . "\n";
echo MD5_("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") . ' ' . strcmp(MD5_("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"),md5("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789")) . "\n";
echo MD5_("12345678901234567890123456789012345678901234567890123456789012345678901234567890") . ' ' . strcmp(MD5_("12345678901234567890123456789012345678901234567890123456789012345678901234567890"),md5("12345678901234567890123456789012345678901234567890123456789012345678901234567890")) . "\n";
Of course, you'd probably understand it better if you wrote it yourself. The reference implementation is a good place to start.
I still don't understand any of the rest of that post - what the significance of md5(md5(md5(....))) is supposed to be in this context or what it's supposed to prove (the topology of the thing might be interesting for its own sake, but the same could be said of most other discrete dynamical systems - most of which would be far less artificial).
to convert a C language implementation of md5 to php...
weed, u are fast...
i will use urs as a reference... hopefully can discover something here... coffee tonight.. see u.
I only understood (or think I understood) two pieces of that - the rest was simply incoherent.
well, Yoda rules...
em... i got a suggestion, why don't u publish a book titled "21 Days to speak in a coherent way" and
i publish another book named "Speaking incoherently for dummies" or should be "Speaking in a not coherent
way for dummies"
i don't think i have any competitor books... haven't search the amazon yet.