Solved

MD5 hashing vs SHA hashing

Posted on 2007-03-28
3
1,951 Views
Last Modified: 2013-12-04
Hi,

I wanted to know the difference between the MD5 hash algorithm and the SHA hash algorithm. I read somewhere that there are weaknesses in the MD5 algorithm. Can someone explain which hash algorithm is better and why and which one should I use? I just simply want to encrypt a password and store it on a database.

Thanks
0
Comment
Question by:maloriopolium
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 11

Expert Comment

by:AnthonyP9618
ID: 18813118
A PAQd question asking the same question... Hope that helps.

http://www.experts-exchange.com/Security/Misc/Q_21393626.html
0
 
LVL 18

Accepted Solution

by:
PowerIT earned 50 total points
ID: 18814313
If you have the choice: use SHA. It's the succesor of MD5 and considered more secure and is FIPS approved: http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
SHA-1 will be fased out by the NIST by 2010, to be replaced by SHA-2 (SHA-224, SHA-256, SHA-384, and SHA-512).
The reason being that it has been found that the complexity to find a collision in SHA-1 has been lowered to 2^63.
That still is an astronomic number and would need a massive botnet to calculate within any reasonable time.
But the NIST has to look ahead. They are assuming that now that this has been found, better ways are one the way which will still lower the complexity.

J.
0
 
LVL 3

Expert Comment

by:hackman_3vilGuy
ID: 18825250
There are weaknesses in sha-1 as well as MD5 ( http://news.com.com/Crypto+researchers+abuzz+over+flaws/2100-1002_3-5313655.html?tag=st.pop ). If possible use a SHA algorithm 256+.
0

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
disable USB on Dell Printers 14 75
Fraud Email 11 70
User Account Question 6 47
Better malware protection 9 44
Many of you may be aware of the recent Google Docs scam emails that have been floating around coming from various people that you know. Here's a guide on identifying How To Identify the Scam Email You will see an email from someone you’ve had co…
A hard and fast method for reducing Active Directory Administrators members.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question