PHP md5 explained

I am working on this PHP project and I have many places that an md5 is being used. I have even used it many times, but still today I am unclear on what the function is doing. I realize it decrypts the value passed in but what about undoing it to get it back to the original. Maybe I am not clear about the whole process and if anyone has information about the process I would highly appreciate it.

md5 is a hashing function.

It only works one way.

A hash function is any well-defined procedure or mathematical function that converts a large, possibly variable-sized amount of data into a small datum. The values returned by a hash function are called hash values, hash codes, hash sums, checksums or simply hashes.

MD5 is a one way encryption hash.

It doesn't decrypt anything, rather it creates a hash code that you can use to compare with other MD5 hashes. It used to be that if two hashes matched you could be confident that the two inputs were the same. Several collisions were eventually found, followed by ways to create collisions intentionally (reducing the value of MD5 for security purposes). It's a fairly fast algorithm, so there can still be some use to it (checking for corruption during the transmission of large amounts of data, and other places where you may be providing other forms of protection against a true attack).

MD5 is not encryption per se, but rather an algorithm for generating checksums. Whatever data you pass in, you will get out a hexadecimal (only 0-9 and A-F) string of fixed length. The idea is that it's very unlikely that any other data than the one you passed in will result in the same MD5 string. As the result has a fixed length while your data can be any length there will obviously be other data that results in the same MD5 string, but once again, it's very unlikely that you'd find it.

Thus, there is no way to actually "decrypt" an MD5 string. What you do is, you generate it from some data, then generate it from some other data, and compare the two MD5 strings. If they are the same, you can be quite certain (although not 100%) that the two input data are identical.

MD5 does not decrypt anything. It is considered a one-way hashing algorithm. For a given input it returns a fixed length string. Additionally, for two given inputs that are fairly similar but not identical, the md5 value returned will not be predictable.

Hashing is good for a lot of things, for example file verification. Although off topic, if you took a file and computed a hash for it and then sent someone a file along with a hash, they could easily verify they received the file correctly by hashing it themselves and then asserting their hash matches the supplied hash.

Another example would be something such as authentication on a site. After you authenticate a user, you start a session and in that session you store md5(username+time) and also store a cookie on the user's browser of md5(username+time), then on subsequent page requests you could check your session hash matches the cookie hash to assert the user is who they say they are. Md5 is not a good hash for this type of thing but hashing in general can help in situations such as these. sha1 would be a better hashing function for this application or even sha512.
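The file check described in the answer above, as an added example that is not part of the original answer: the sender publishes a digest, the receiver recomputes it and compares. It uses SHA-256 rather than MD5; the function names and the temporary file are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Sender side: compute the digest that is published alongside the file.
function file_digest(string $path, string $algo = 'sha256'): string
{
    $digest = hash_file($algo, $path); // reads the file in chunks
    if ($digest === false) {
        throw new RuntimeException("cannot read $path");
    }
    return $digest;
}

// Receiver side: recompute and compare against the published value.
function verify_file(string $path, string $expectedHex, string $algo = 'sha256'): bool
{
    $expected = strtolower(trim($expectedHex));
    // Reject anything that is not a hex digest of the right length for $algo.
    if (!ctype_xdigit($expected) || strlen($expected) !== strlen(hash($algo, ''))) {
        return false;
    }
    // hash_equals() compares without leaking where the strings differ.
    return hash_equals($expected, file_digest($path, $algo));
}

// Constructed sample file standing in for a download.
$path = tempnam(sys_get_temp_dir(), 'dl_');
file_put_contents($path, str_repeat("payload line\n", 1000));
$published = file_digest($path);

var_dump(verify_file($path, $published));      // untouched file

// Simulate corruption in transit: overwrite a single byte.
$fh = fopen($path, 'r+b');
fseek($fh, 500);
fwrite($fh, 'X');
fclose($fh);

var_dump(verify_file($path, $published));      // one changed byte
var_dump(verify_file($path, md5_file($path))); // digest from the wrong algorithm
unlink($path);
```

A digest delivered over the same channel as the file only detects accidental corruption; anyone able to replace the file can replace the digest too, so fetch it from a separate trusted source or use a signature.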

MD5 is a cryptographic hash function. Cryptographic hash functions have the special property that they generate a result based on input, but it is almost impossible to recover the original input. It's kinda a "one-way encryption". Also, by passing the same data through a cryptographic hash function you should always get the same result.

While they are not preferred for encryption, since it's one-way only, they are very useful when storing passwords. This is because, as I said, the same input would always have the same result. This makes storing the password in plain-text, or even a recoverable version of it (such as encrypted passwords), unnecessary. Instead, you would just generate a hash from the password and store it in a database. Whenever someone would try to log in, you would retrieve the hash from the database, and then generate a new hash from the password entered by the user and compare the two.

Please note that MD5 is not very secure, you should try to use some other more secure hashing function instead, such as SHA512:

<?php
$hash = hash('sha512', $data);
?>

Useful links:

See http://en.wikipedia.org/wiki/Hash_function.

The strength of a hash function is dependent on its difficulty to reverse.

It generates a one way hash of the input data, using the md5 algorithm.

Some links:

http://en.wikipedia.org/wiki/MD5

http://en.wikipedia.org/wiki/Cryptographic_hash_function
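The store-a-hash, compare-at-login flow from the password-storage answer above, as an added example that is not part of the original thread. It swaps the bare hash() call for PHP's built-in password_hash() and password_verify(), which add a random salt and a work factor; the $users array, the function names and the legacy MD5 row are constructed assumptions.

```php
<?php
declare(strict_types=1);

// Constructed in-memory stand-in for the users table: name => stored hash.
$users = [];

function register(array &$users, string $name, string $password): void
{
    // password_hash() generates a random salt and embeds it, together with
    // the algorithm and cost, in the returned string.
    $users[$name] = password_hash($password, PASSWORD_DEFAULT);
}

function login(array &$users, string $name, string $password): bool
{
    $stored = $users[$name] ?? null;
    if ($stored === null) {
        return false;
    }
    // Assumed legacy format: 32 hex characters means an unsalted md5() value.
    if (preg_match('/^[0-9a-f]{32}$/', $stored) === 1) {
        if (!hash_equals($stored, md5($password))) {
            return false;
        }
        // Correct password: replace the MD5 row with a salted, slow hash.
        $users[$name] = password_hash($password, PASSWORD_DEFAULT);
        return true;
    }
    if (!password_verify($password, $stored)) {
        return false;
    }
    // Upgrade transparently when the default algorithm or cost changes.
    if (password_needs_rehash($stored, PASSWORD_DEFAULT)) {
        $users[$name] = password_hash($password, PASSWORD_DEFAULT);
    }
    return true;
}

// Constructed sample accounts.
register($users, 'alice', 'correct horse battery staple');
$users['bob'] = md5('hunter2'); // legacy row, as an md5-based project might hold

var_dump(login($users, 'alice', 'correct horse battery staple'));
var_dump(login($users, 'alice', 'wrong password'));
var_dump(login($users, 'bob', 'hunter2'));              // succeeds and migrates the row
var_dump(password_get_info($users['bob'])['algoName']); // no longer a bare MD5 value
```

Because every call to password_hash() uses a fresh salt, two users with the same password get different stored strings, which is why the comparison goes through password_verify() rather than hashing again and comparing.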
