Solved

MD5 hashing vs SHA hashing

Posted on 2007-03-28
3
1,938 Views
Last Modified: 2013-12-04
Hi,

I wanted to know the difference between the MD5 hash algorithm and the SHA hash algorithm. I read somewhere that there are weaknesses in the MD5 algorithm. Can someone explain which hash algorithm is better and why and which one should I use? I just simply want to encrypt a password and store it on a database.

Thanks
0
Comment
Question by:maloriopolium
3 Comments
 
LVL 11

Expert Comment

by:AnthonyP9618
ID: 18813118
A PAQd question asking the same question... Hope that helps.

http://www.experts-exchange.com/Security/Misc/Q_21393626.html
0
 
LVL 18

Accepted Solution

by:
PowerIT earned 50 total points
ID: 18814313
If you have the choice: use SHA. It's the succesor of MD5 and considered more secure and is FIPS approved: http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
SHA-1 will be fased out by the NIST by 2010, to be replaced by SHA-2 (SHA-224, SHA-256, SHA-384, and SHA-512).
The reason being that it has been found that the complexity to find a collision in SHA-1 has been lowered to 2^63.
That still is an astronomic number and would need a massive botnet to calculate within any reasonable time.
But the NIST has to look ahead. They are assuming that now that this has been found, better ways are one the way which will still lower the complexity.

J.
0
 
LVL 3

Expert Comment

by:hackman_3vilGuy
ID: 18825250
There are weaknesses in sha-1 as well as MD5 ( http://news.com.com/Crypto+researchers+abuzz+over+flaws/2100-1002_3-5313655.html?tag=st.pop ). If possible use a SHA algorithm 256+.
0

Featured Post

Superior storage. Superior surveillance.

WD Purple drives are built for 24/7, always-on, high-definition security systems. With support for up to 8 hard drives and 32 cameras, WD Purple drives are optimized for surveillance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

You may have a outside contractor who comes in once a week or seasonal to do some work in your office but you only want to give him access to the programs and files he needs and keep privet all other documents and programs, can you do this on a loca…
Every computer eventually fails. When that happens, your valuable data is only as safe as your current backup.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now