The MD5 message-digest algorithm is a cryptographically broken but still widely used hash function producing a 128-bit hash value.
Although MD5 was initially designed to be used as a cryptographic hash function, it has been found to suffer from extensive vulnerabilities.
It can still be used as a checksum to verify data integrity, but only against unintentional corruption; collision attacks are possible when malice is introduced.
It remains suitable for other non-cryptographic purposes, for example for determining the partition for a particular key in a partitioned database, and may be preferred due to lower computational requirements than more recent Secure Hash Algorithms.

MD5 was designed by Ronald Rivest in 1991 to replace an earlier hash function MD4, and was specified in 1992 as RFC 1321.