Message Digest Functions

Message digest functions distill the information contained in a file (small or large) into a single large number, typically between 128 and 256 bits in length. (See Figure 7-4.) The best message digest functions combine these mathematical properties:

  • Every bit of the message digest function’s output is potentially influenced by every bit of the function’s input.

  • If any given bit of the function’s input is changed, every output bit has a 50 percent chance of changing.

  • Given an input file and its corresponding message digest, it should be computationally infeasible to find another file with the same message digest value.

A message digest function

Figure 7-4. A message digest function

Message digests are also called one-way hash functions because they produce values that are difficult to invert, resistant to attack, effectively unique, and widely distributed.

Many message digest functions have been proposed and are now in use. Here are a few:


Message Digest #2, developed by Ronald Rivest. This message digest is probably the most secure of Rivest’s message digest functions, but takes the longest to compute. As a result, MD2 is rarely used. MD2 produces a 128-bit digest.


Message Digest #4, also developed by Ronald Rivest. This message digest algorithm was developed as a fast alternative to MD2. Subsequently, MD4 was shown to have a possible weakness. It may be possible to find a second ...

Get Practical UNIX and Internet Security, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.