• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1984
  • Last Modified:

MD5 hashing vs SHA hashing

Hi,

I wanted to know the difference between the MD5 hash algorithm and the SHA hash algorithm. I read somewhere that there are weaknesses in the MD5 algorithm. Can someone explain which hash algorithm is better and why and which one should I use? I just simply want to encrypt a password and store it on a database.

Thanks
0
maloriopolium
Asked:
maloriopolium
1 Solution
 
AnthonyP9618Commented:
A PAQd question asking the same question... Hope that helps.

http://www.experts-exchange.com/Security/Misc/Q_21393626.html
0
 
PowerITCommented:
If you have the choice: use SHA. It's the succesor of MD5 and considered more secure and is FIPS approved: http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
SHA-1 will be fased out by the NIST by 2010, to be replaced by SHA-2 (SHA-224, SHA-256, SHA-384, and SHA-512).
The reason being that it has been found that the complexity to find a collision in SHA-1 has been lowered to 2^63.
That still is an astronomic number and would need a massive botnet to calculate within any reasonable time.
But the NIST has to look ahead. They are assuming that now that this has been found, better ways are one the way which will still lower the complexity.

J.
0
 
hackman_3vilGuyCommented:
There are weaknesses in sha-1 as well as MD5 ( http://news.com.com/Crypto+researchers+abuzz+over+flaws/2100-1002_3-5313655.html?tag=st.pop ). If possible use a SHA algorithm 256+.
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now