md5 / sha1 - Any real difference?

Re: md5 / sha1 - Any real difference?

Randell D. wrote:[color=blue]
> md5 over sha1 or versa vicea... I know md5 gives me a unique 32bit hash
> while sha1 I've read is 'secure' (?) and gives a 40bit hash... Since The[/color]

Basically there is just less chance of two strings ending up with the same
hash value (a "collision" ). The more "collisions " a hash algorithm has the
less useful it becomes.

This

might be of interest.

--
James Sleeman
Gogo:Code http://www.gogo.co.nz/
Email domain : gogo.co.nz see user in from header!

Re: md5 / sha1 - Any real difference?


"James Sleeman" <james@seeMessa geForDomain.moc > wrote in message
news:M7RKa.1519 $9f7.96988@news 02.tsnz.net...[color=blue]
> Randell D. wrote:[color=green]
> > md5 over sha1 or versa vicea... I know md5 gives me a unique 32bit hash
> > while sha1 I've read is 'secure' (?) and gives a 40bit hash... Since The[/color]
>
> Basically there is just less chance of two strings ending up with the same
> hash value (a "collision" ). The more "collisions " a hash algorithm has[/color]
the[color=blue]
> less useful it becomes.
>
> This
>[/color]
http://groups.google.com/groups?q=md...psi.net&rnum=5[color=blue]
> might be of interest.
>
> --
> James Sleeman
> Gogo:Code http://www.gogo.co.nz/
> Email domain : gogo.co.nz see user in from header![/color]

Cheers for that...

Re: md5 / sha1 - Any real difference?

"Randell D." <you.can.email. me.at.randelld@ yahoo.com> wrote in message
news:lHPKa.3268 72$Vi5.8382725@ news1.calgary.s haw.ca...[color=blue]
>
> Folks,
>
> I use md5 hash with some of my cookies and occassionally a hidden form
> field - I know the physical data on my network is insecure (unless being
> served via https) but I was wondering if there are any advantages to using
> md5 over sha1 or versa vicea... I know md5 gives me a unique 32bit hash
> while sha1 I've read is 'secure' (?) and gives a 40bit hash... Since The
> technical webpage on sha1 is lengthy and for the most part over my head...
> and other than today, I've never heard of it before... I was wondering if
> anyone could offer any comments on it...
>
> Cheers
> randelld[/color]

First of all the hash length you mention are much to short to offer any
security.
md5 = 128 bit
sha-1 = 160 bit

If you are not working on high-security stuff it makes no real difference
for you but if it's your decision and there is an available sha-1 imple-
mentation for you platform then i see no reason why to use the old
md5 stuff.