Cryptographic Hashing Function (SHA-1 and MD5)
What is a Cryptographic Hash Function?
A crytographic hashing function is a deterministic procedure that takes a block of code and returns a fixed bit string.
Two widely used hasing functions used today are MD5 and SHA-1
SHA-1
SHA-1 was designed by the Nation Security Agency (NSA) in 1995.
Published by The National Institute of Standards and Technology as a Federal Information Processing Standard for the US.
SHA-1 is an upgraded version of SHA-0, correcting an error is the hash specification.
SHA-1 is the most used version of SHA today. It is currently used in many applications and security protocols.
MD5
MD5 was developed by Ron Rivest in 1991
MD5 was published in 1992.
Its used in many security applications, and is great for checking file integrity.
History
There are many versions of Message Digest (MD) Algorithm, including MD2, MD4, MD5, and as of 2008 MD6.
Secure Hashing Algorithm (SHA) started with SHA-0, and two years later moved onto SHA-1. The National Institute of Standards and Technology published SHA-2; which are broken into 4 different digest lengths - SHA-224 (224 bits), SHA-256 (256 bits), SHA-384 (384 bits) and SHA-512 (512 bits)
SHA-3 is currently being developed in a competition, currently in round 2 and will be moving on to round 3 soon. The winner will be announced in 2012.
Differences
- MD5 uses 128 bit digests, while SHA-1 has 160 bit digests.
- That being said, SHA-1 has 4 billion times more output space than MD5.
- MD5 is less secure than SHA-1, but processes faster.
- MD5 is heavily used in software to check file integrity (Md5sum) and is commonly used to store passwords.
- SHA-1 and SHA-2 and required by law for some US Goverment applications.