Cryptographic Hashing Function (SHA-1 and MD5): Difference between revisions

From ITCwiki
Jump to navigation Jump to search
No edit summary
No edit summary
 
(14 intermediate revisions by the same user not shown)
Line 1: Line 1:
=What is a Cryptographic Hash Function?=
=What is a Cryptographic Hash Function?=
A crytographic hashing function is a deterministic procedure that takes a block of code and returns a fixed bit string.
A cryptographic hashing function is a deterministic procedure that takes a block of code and returns a fixed bit string.


Two widely used hasing functions used today are MD5 and SHA-1
Two widely used hashing functions used today are MD5 and SHA-1


==SHA-1==
==SHA-1==
SHA-1 was designed by the Nation Security Agency (NSA) in 1995.
*SHA-1 was designed by the Nation Security Agency (NSA) in 1995.


Published by The National Institute of Standards and Technology as a Federal Information Processing Standard for the US.
*Published by The National Institute of Standards and Technology as a Federal Information Processing Standard for the US.


SHA-1 is an upgraded version of SHA-0, correcting an error is the hash specification.
*SHA-1 is an upgraded version of SHA-0, correcting an error is the hash specification.


SHA-1 is the most used version of SHA today. It is currently used in many applications and security protocols.
*SHA-1 is the most used version of SHA today. It is currently used in many applications and security protocols.
 
 
[[File:nsa.jpg|middle]]




==MD5==
==MD5==
MD5 was developed by Ron Rivest in 1991
*MD5 was developed by Ron Rivest in 1991
 
*MD5 was published in 1992.
 
*Its used in many security applications, and is great for checking file integrity.


MD5 was published in 1992.


Its used in many security applications, and is great for checking file integrity.
[[File:ron_rivest.jpg|middle]]
<- Ron Rivest




==History==
==History==


There are many versions of Message Digest (MD) Algorithm, including MD2, MD4, MD5, and as of 2008 MD6.
*There are many versions of Message Digest (MD) Algorithm, including MD2, MD4, MD5, and as of 2008 MD6.


Secure Hashing Algorithm (SHA) started with SHA-0, and two years later moved onto SHA-1. The National Institute of Standards and Technology published SHA-2; which are broken into 4 different digest lengths - SHA-224 (224 bits), SHA-256 (256 bits), SHA-384 (384 bits) and SHA-512 (512 bits)
*Secure Hashing Algorithm (SHA) started with SHA-0, and two years later moved onto SHA-1. The National Institute of Standards and Technology published SHA-2; which are broken into 4 different digest lengths - SHA-224 (224 bits), SHA-256 (256 bits), SHA-384 (384 bits) and SHA-512 (512 bits)


SHA-3 is currently being developed in a competition, currently in round 2 and will be moving on to round 3 soon. The winner will be announced in 2012.
*SHA-3 is currently being developed in a competition, currently in round 2 and will be moving on to round 3 soon. The winner will be announced in 2012.


==Differences==
==Differences==


MD5 uses 128 bit digests, while SHA-1 has 160 bit digests.
*MD5 uses 128 bit digests, while SHA-1 has 160 bit digests.
:That being said, SHA-1 has 4 billion times more output space than MD5.
:That being said, SHA-1 has 4 billion times more output space than MD5.


MD5 is less secure than SHA-1, but processes faster.
*MD5 is less secure than SHA-1. SHA-1 is more resistant to brute force attacks.
 
*MD5 processes faster than SHA-1, because it has 64 steps in its algorithm compared to SHA-1's 80 steps.
 
*MD5 is heavily used in software to check file integrity (Md5sum) and is commonly used to store passwords.
 
*SHA-1 and SHA-2 and required by law for some US Government applications.
 
*For Security purposes SHA-1 is preferred over MD5 due to perceived security flaws, although none have been proven.
 
 
*With MD5 it is very easy to produce collisions. (a collision is production of the same hash value from two different inputs)


==Refrences==
*With SHA-1 collisions are extremely difficult to accomplish (theoretically can happen, none have actually been found yet). Knowing that it would take massive amounts of time to find a collision with the full 80 steps of hashing, beginning in 2007 The Graz University of Technology created a computing platform named BOINC. Its purpose was to create a SHA-1 collision. Two years later it was abandoned due to lack of progress.
 
==References==
[http://en.wikipedia.org/wiki/SHA1 SHA-1 Wiki]
[http://en.wikipedia.org/wiki/SHA1 SHA-1 Wiki]


[http://en.wikipedia.org/wiki/MD5 MD5 Wiki]
[http://en.wikipedia.org/wiki/MD5 MD5 Wiki]
[[File:Bob_dole.jpg|middle]]

Latest revision as of 02:20, 9 December 2010

What is a Cryptographic Hash Function?

A cryptographic hashing function is a deterministic procedure that takes a block of code and returns a fixed bit string.

Two widely used hashing functions used today are MD5 and SHA-1

SHA-1

  • SHA-1 was designed by the Nation Security Agency (NSA) in 1995.
  • Published by The National Institute of Standards and Technology as a Federal Information Processing Standard for the US.
  • SHA-1 is an upgraded version of SHA-0, correcting an error is the hash specification.
  • SHA-1 is the most used version of SHA today. It is currently used in many applications and security protocols.


Nsa.jpg


MD5

  • MD5 was developed by Ron Rivest in 1991
  • MD5 was published in 1992.
  • Its used in many security applications, and is great for checking file integrity.


Ron rivest.jpg <- Ron Rivest


History

  • There are many versions of Message Digest (MD) Algorithm, including MD2, MD4, MD5, and as of 2008 MD6.
  • Secure Hashing Algorithm (SHA) started with SHA-0, and two years later moved onto SHA-1. The National Institute of Standards and Technology published SHA-2; which are broken into 4 different digest lengths - SHA-224 (224 bits), SHA-256 (256 bits), SHA-384 (384 bits) and SHA-512 (512 bits)
  • SHA-3 is currently being developed in a competition, currently in round 2 and will be moving on to round 3 soon. The winner will be announced in 2012.

Differences

  • MD5 uses 128 bit digests, while SHA-1 has 160 bit digests.
That being said, SHA-1 has 4 billion times more output space than MD5.
  • MD5 is less secure than SHA-1. SHA-1 is more resistant to brute force attacks.
  • MD5 processes faster than SHA-1, because it has 64 steps in its algorithm compared to SHA-1's 80 steps.
  • MD5 is heavily used in software to check file integrity (Md5sum) and is commonly used to store passwords.
  • SHA-1 and SHA-2 and required by law for some US Government applications.
  • For Security purposes SHA-1 is preferred over MD5 due to perceived security flaws, although none have been proven.


  • With MD5 it is very easy to produce collisions. (a collision is production of the same hash value from two different inputs)
  • With SHA-1 collisions are extremely difficult to accomplish (theoretically can happen, none have actually been found yet). Knowing that it would take massive amounts of time to find a collision with the full 80 steps of hashing, beginning in 2007 The Graz University of Technology created a computing platform named BOINC. Its purpose was to create a SHA-1 collision. Two years later it was abandoned due to lack of progress.

References

SHA-1 Wiki

MD5 Wiki

Bob dole.jpg