-1

I am using MD5 algorithm for sync with server where I want to send data using MD5 algorithm. I wrote following code-

NSString *string =  @"ABC";
    unsigned char *inStrg = (unsigned char*)[[string dataUsingEncoding:NSASCIIStringEncoding] bytes];
    unsigned long lngth = [string length];
    unsigned char result[MD5_DIGEST_LENGTH];
    NSMutableString *outStrg = [NSMutableString string];

    MD5(inStrg, lngth, result);

    unsigned int i;
    for (i = 0; i < MD5_DIGEST_LENGTH; i++)
    {
        [outStrg appendFormat:@"%02x", result[i]];
    }
    md5TextField.text = outStrg;

For decryption at server end I need its key through which MD5 text has been generated. What will be its key? Thanks in advance...

CharlesB
  • 86,532
  • 28
  • 194
  • 218
P.J
  • 6,547
  • 9
  • 44
  • 74
  • I can not understand your question. MD5 is just MessageDigest(Hash) algorithm. MessageDigenst couldn't decrypt. If you want to integrity of your data. you can use MD5. If you want to authentication with server. you can use HMAC-MD5 If you want to encapsulization. you shall change MD5 to cipher algorithm(like AES, DESede...) – TopChul May 31 '11 at 06:01

2 Answers2

1

MD5 is a hashing function that is not reversible (and thus designed to be non-reversible). If you need a simple encryption, you should go for symmetric encryption using AES.

Chech out AES Encryption for an NSString on the iPhone for more infos.

Community
  • 1
  • 1
grundprinzip
  • 2,471
  • 1
  • 20
  • 34
  • If not reversible can I know how to get its key so that I can do same encryption at server end and then match both text? – P.J May 31 '11 at 06:11
  • The basic idea of hashing is, that you given a secret (e.g. a password) you need a method to compare the secret without actually knowing the secret. So if you md5(secret) = hash and check the hash on the server side you will always know that the password is correct because md5(secret) is always the same md5 hash value. Real world example: If you create an account for an online service they hopefully only store the md5 hash of your password, if you know login they hash your password and compare the hash. As a result they will never know what actually your password was. – grundprinzip May 31 '11 at 18:38
1

Like already mentioned, you can't get the original value back from the hash. It is unlikely that you would be storing any values in the server in their original form. Store the hash and compare it with the hash that you generate in the app to authenticate. Since MD5 is system independent, you shouldn't worry about a 'key' as you don't pass it as an argument. If in case you are storing the original values in the server, you can calculate the MD5 of the string in the server and then compare.

Deepak Danduprolu
  • 44,595
  • 12
  • 101
  • 105