Security Analysis of MD5 Algorithm in Password Storage
Hashing algorithms are commonly used to convert passwords into hashes which theoretically cannot be deciphered. This paper analyses the security risks of the hashing algorithm MD5 in password storage and discusses different solutions, such as salts and iterative hashing. We propose a new approach to using MD5 in password storage by using external information, a calculated salt and a random key to encrypt the password before the MD5 calculation. We suggest using key stretching to make the hash calculation slower and using XOR cipher to make the final hash value impossible to find in any standard rainbow table.
J. Z. Ma
M. C. Ah Kioon et al., "Security Analysis of MD5 Algorithm in Password Storage", Applied Mechanics and Materials, Vols. 347-350, pp. 2706-2711, 2013