What is SHA-1 and MD-5 encryption?

5 pts.
Tags:
Encryption
What is SHA-1 and MD-5 encryption?
ASKED: February 13, 2008  6:53 PM
UPDATED: November 6, 2009  7:31 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

SHA-1 and MD5 are two different encryption algorithms.

SHA-1 is a two way algorithm meaning that you can take the encrypted value, and decrypt the value to get the original plain text value back. This algorithm provides a good level of security for data, and is a standard algorithm which is used to protect credit card data when it is stored within a database.

MD5 is a one way hashing algorithm meaning that you can not take the hashed (or encrypted value) and decrypt it to get the original plain text value back. This provides an excellent level of security for things like passwords where you do not need the original value. To use an MD5 value you hash the value you want to check to see is encrypted and compare it to the stored hashed values for a match.

============================================================

Neither MD5 nor SHA-1 is an “encryption” algorithm. Both are “hashing” algorithms.

In the simple sense, something that is encrypted can later be decrypted to get the original back.

Something that is properly hashed stays that way; it is a ‘fingerprint’ of the original pattern that cannot be ‘dehashed’ to reconstruct the original.

Ideally, there is only a single unique hash value that can be derived from each unique string of characters.

Of course, it’s easy to prove that that’s not possible when hash values are small — small as in 160 or 256 or 512 bits. But in practice, because the strings of characters aren’t random, because they’re patterns of words more than just patterns of letters, the number of likely hash values gets smaller.

The value of unique hashes is that they can be used to verify that the original string hasn’t been changed. If I send you a message along with a hash, you can run the message through the hash algorithm to see if the same hash value comes out. If it does, you can feel confident that you’re reading exactly what was written.

The passwords for your iSeries are stored in a “one-way” hashed form. When you enter the password for your user profile, it gets hashed and the result is compared to the stored hash value to see if it matches. That’s why you can’t find any passwords anywhere — they aren’t stored.

But don’t confuse it with encryption.

Tom

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Labnuke99
    Both are message authentication hash algorithms. This means that they are one-way and you cannot derive the original message from the hash produced by the algorithm. SHA1 - The US Secure Hash Algorithm takes a message of less than 264 bits in length and produces a 160-bit message digest designed so that it is computationally very expensive to find a text string that matches a given hash. MD5 - Message Digest 5 is a standard algorithm that takes as input a message of arbitrary length and produces as output a 128-bit fingerprint or message digest of the input. Any modifications made to the message in transit can then be detected by recalculating the digest. Similar in concept to a CRC, the MD5 algorithm is used as part of the SNMPv3 security subsystem Please also check here for more information:
    32,960 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following