MD5 hash different but still the same?

FrankGuthrie

Ok let me explain why I'm asking this question.

at work we have to devices who authenticate to the same NTP server, but their hashes are different. Shouldn't the hashes match?

I was under the impression that when you use the same password and MD5 would be the same. So then 2 devices authenticate to each other, the MD5 has is sent over the line, and the other side will hash its own password and see if they match?

How can you have 2 different hashes for the same password value?

NetworkNewb

The salt added to it was different?

danny069

NetworkNewb wrote: »

The salt added to it was different?

This guy may be onto something. Could be a salt value added perhaps?

Sirzerty

IOS 12? if so it may not actually be md5, our old IOS 12 switches would take cisco 7 passwords when you specified md5. If you hash it in something like wolfram alpha does it come back with the same hash for either?

FrankGuthrie

But then how does the MD5 function work if it is salted? According to what I learned passwords are not send over the wire, but the hash... The other side hashes the password configured on itself and it should match (if the passwords are the same). Exactly as the picture from the wiki shows.....





See WIKI:
https://en.wikipedia.org/wiki/MD5

So Where am I wrong?

OctalDump

You concatenate (add) the password and salt, and then hash the result. You can send the salt in clear text, along with the hashed value. The otherside then takes the salt, runs it against the password, and hashes again. The hashes should match if the password+salt are the same. The salt can be changed for every exchange, and can be different on both sides.

This allows some protection against rainbow table attacks.