MD5 hashing vs SHA hashing

Hi,

I wanted to know the difference between the MD5 hash algorithm and the SHA hash algorithm. I read somewhere that there are weaknesses in the MD5 algorithm. Can someone explain which hash algorithm is better and why and which one should I use? I just simply want to encrypt a password and store it on a database.

Thanks
maloriopoliumAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

AnthonyP9618Commented:
A PAQd question asking the same question... Hope that helps.

http://www.experts-exchange.com/Security/Misc/Q_21393626.html
0
PowerITCommented:
If you have the choice: use SHA. It's the succesor of MD5 and considered more secure and is FIPS approved: http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
SHA-1 will be fased out by the NIST by 2010, to be replaced by SHA-2 (SHA-224, SHA-256, SHA-384, and SHA-512).
The reason being that it has been found that the complexity to find a collision in SHA-1 has been lowered to 2^63.
That still is an astronomic number and would need a massive botnet to calculate within any reasonable time.
But the NIST has to look ahead. They are assuming that now that this has been found, better ways are one the way which will still lower the complexity.

J.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
hackman_3vilGuyCommented:
There are weaknesses in sha-1 as well as MD5 ( http://news.com.com/Crypto+researchers+abuzz+over+flaws/2100-1002_3-5313655.html?tag=st.pop ). If possible use a SHA algorithm 256+.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.