SitePoint Sponsor

User Tag List

Results 1 to 8 of 8

Thread: MD5 vs. SHA-1

  1. #1
    Custom User Title v1.0 FireFly's Avatar
    Join Date
    Aug 2001
    Posts
    363
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    MD5 vs. SHA-1

    Anyone has some reading material about this subject - which algorythm is better (SHA-1?) and why, etc.

    Thanks.

  2. #2
    Your Lord and Master, Foamy gold trophy Hierophant's Avatar
    Join Date
    Aug 1999
    Location
    Lancaster, Ca. USA
    Posts
    12,305
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    I have read a little about the two. It would appear to me that SHA1 is more secure than MD5. Both are hashing algorithms based on older MD4 protocols. The main difference is that SHA1 returns a 160 byte hash whereas MD5 returns a 32 byte hash. The longer hash makes SHA1 less prone to brute-force attacks as they would take a lot longer to complete. Furthermore, SHA1 was reviewed and approved by the professor who wrote the original MD5 algorithm.

    The practicality of moving the web from MD5 to SHA1 though is not as easy to look at. Since they are both hashing algorithms, there is no way to easily decrypt what they represent so if that is passwords, then you have a lot of work getting users to change them when you switch algorithms.

    Other considerations include this:

    MD5 is 5 times faster than SHA1 but only returns 1/5th the bytes. MD5 has a collision rate of 2^32. Even though it is faster, you will need 3-5 iterations of MD5 to get the same level of security in SHA1.
    Wayne Luke
    ------------


  3. #3
    SitePoint Guru
    Join Date
    Sep 2002
    Location
    Universe
    Posts
    789
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    MD5 is relatively secure, and much faster. SHA-1 is a technology perhaps for the future. I have read that it is 4 times slower than MD5 and uses much many resources.

    In case of large databases which need extreme security, go with SHA-1; although MD5 is most practical for general application.

  4. #4
    Currently Occupied; Till Sunda Andrew-J2000's Avatar
    Join Date
    Aug 2001
    Location
    London
    Posts
    2,475
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by W. Luke
    Confucious' brother Joe says "Give a man a fire and he will be warm for a day.
    Set a man on fire and he will be warm for the rest of his life."
    .
    Just had to say I luv the quote.

    Ayway getting back to the topic in hand;

    Secure Hash Algorithm 1 (SHA1)
    MD5 Message-Digest Algorithm

    I looked into other algorithms, including RC4, Blowfish, (crc32) and a few others, however from what I remember an RC4, encryption, took one person just under a week to crack.

    As Wayne was implying, it all depends on your implementation, the higher the form of encryption, the longer it takes to process, so in effect, the type of encryption you choose all depends upon your requirements.

    http://pajhome.org.uk/crypt/md5/

  5. #5
    SitePoint Guru okrogius's Avatar
    Join Date
    Mar 2002
    Location
    US
    Posts
    622
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    SHA1 is generally much more secure, and is what I use now.

    But as Wayne pointed out, the problem is getting the switch to be as painless as possible. If I'm using an older database with MD5 hashes, I doubt giving everyone a randomly generated SHA1 password is worth it. But if I were ot start a new project, I'd use SHA1.

  6. #6
    Custom User Title v1.0 FireFly's Avatar
    Join Date
    Aug 2001
    Posts
    363
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks for the answers.

    Quote Originally Posted by Codename49
    SHA1 is generally much more secure, and is what I use now.
    I guess I'm wondering why it is "much more" secure than MD5? For most web implementations the 8 byte difference can't matter that much, right? MD5 is still hard to crack as it is.

  7. #7
    Sidewalking anode's Avatar
    Join Date
    Mar 2001
    Location
    Philadelphia, US
    Posts
    2,205
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by FireFly
    I guess I'm wondering why it is "much more" secure than MD5? For most web implementations the 8 byte difference can't matter that much, right? MD5 is still hard to crack as it is.
    You mean 128, right?

    With cryptography, adding characters makes the complexity of cracking something rise exponentially. So yes, it's quite a large difference, in theory anyway.
    TuitionFree a free library for the self-taught
    Anode Says... Blogging For Your Pleasure

  8. #8
    The doctor is in... silver trophy MarcusJT's Avatar
    Join Date
    Jan 2002
    Location
    London
    Posts
    3,509
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Codename49
    But as Wayne pointed out, the problem is getting the switch to be as painless as possible.
    Are we talking about a single site here, or are we talking about getting every web application on the Internet to switch from MD5 to SHA1?

    If the former, and assuming that the user's password is received by the server in plaintext form (rather than being hashed client-side before transmission) then surely all you would need to do is to run the two in parallel, using two fields in the database (PasswordMD5 and PasswordSHA1)...

    The authentication function would take the plaintext username and password, load up the record (using the username as the primary key), and see if there was a value in the PasswordMD5 field.

    - If there was, then the user is still on MD5, so the plaintext password would be MD5 hashed, compared to stored hash, and if successful, then the plaintext password would be hashed using SHA1, stored in the PasswordSHA1 field, and the PasswordMD5 field cleared.

    - If there wasn't then the user is already on SHA1, so just SHA1 hash the password, and compare to the stored value.


    This approach would be completely invisible to users, and would migrate them from one hashing algorithm to another very painlessly. Later on (once all the users have been migrated, perhaps after a mailshot to ask them to login), you could remove the MD5 parts completely. Job done!

    MarcusJT
    - former ASP web developer / former SPF "ASP Guru"
    - *very* old blog with some useful ASP code

    - Please think, Google, and search these forums before posting!


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •