[vpn] MD5 vs. SHA

[Ryan Malayter]

There have been advances in better-than-brute-force attacks against MD5.
>From http://www.ietf.org/rfc/rfc1828.txt:

"...it is known to be possible to produce collisions in the compression
function of MD5. There is not yet a known method to exploit these
collisions to attack MD5 in practice, but this fact is disturbing to
some authors."

SHA-1 is simply a better choice in light of its longer digest and
resistance to the aforementioned compression function attacks. Any
performance penalty is minimal, so why not use it?

-----Original Message-----
From: Christopher Gripp [mailto:cgripp at axcelerant.com] 
Sent: Thursday, June 20, 2002 6:19 PM
To: Mike Hancock; vpn at securityfocus.com
Subject: RE: [vpn] MD5 vs. SHA


As found in "Applied Crypto"

SHA is MD4 with the addition of an expand transformation, an extra round
and better avalanche effect
MD5 is MD4 with improved bit hashin, an extra round and better avalanche
effect

There are no known cryptographic attacks against SHA.  Because it
produces a 160 bit hash, it is more resistant to brute-force attacks
(including birthday attacks) than a 128 bit hash function.


Christopher Gripp 
Systems Engineer 
Axcelerant

"To be unhappy over what one lacks is to waste what one already
possesses."

> -----Original Message-----
> From: Mike Hancock [mailto:Mike.Hancock at sourcemed.net]
> Sent: Thursday, June 20, 2002 11:55 AM
> To: vpn at securityfocus.com
> Subject: [vpn] MD5 vs. SHA
> 
> 
> Can anyone explain the difference between MD5 and SHA
>  (besides 128 vs 160 bits) or point me to a good reason to 
> use one over
> the other?
> 
> _______________________________
> Mike Hancock
> 
> 
> 
> VPN is sponsored by SecurityFocus.com
> 
> 

VPN is sponsored by SecurityFocus.com


VPN is sponsored by SecurityFocus.com