MD5 Hash - Exam 400-251: CCIE Security Written Exam | Cisco

MD5 Hash

Prev Question Next Question

Question

Which two statements about the MD5 Hash are true? (Choose two.)

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E.

BE.

MD5 (Message Digest 5) is a widely used cryptographic hash function that generates a fixed-sized output (128-bit hash value) for an input message of any size. The main properties of the MD5 hash function are as follows:

A. Length of the hash value varies with the length of the message that is being hashed. False. MD5 always produces a fixed-length hash value of 128 bits, regardless of the size of the input message.

B. Every unique message has a unique hash value. False. While the MD5 hash function is designed to produce a unique hash value for each unique input message, it is mathematically possible to find two different messages that have the same hash value, called a collision. In other words, the MD5 hash function is not collision-resistant, which makes it vulnerable to various attacks, including spoofing and repudiation attacks.

C. It's mathematically possible to find a pair of messages that yield the same hash value. True. As mentioned above, the MD5 hash function is not collision-resistant, which means that it's possible to find two different messages that have the same hash value. This vulnerability has led to the deprecation of MD5 in many cryptographic applications.

D. MD5 always yields a different value for the same message if repeatedly hashed. False. If the same message is hashed using the MD5 hash function repeatedly, it will always produce the same hash value. This property is called determinism and is a desirable property of a hash function.

E. The hash value cannot be used to discover the message. True. The MD5 hash function is a one-way function, meaning that it's computationally infeasible to determine the input message from its hash value. This property makes it suitable for various applications, including password verification and digital signature generation.