Posted by shahata5 6 years ago In:

shahata5
shahata5 Asked:

Why is sha1 more safe than md5?

Liked this question? Tell your friends about it

Best Answer

sdfjkl
sdfjkl Answered:

Both

MD5 and SHA-1 have known weaknesses that allow for a reduced effort in finding collisions. A collision is when different inputs results in the same hash value. Since hashes are used to verify the contents of a message, this is bad, because the same hash could mean either message. In most cases simply any collision is not enough to do real damage though - an attacker would need to find one that produces the same hash for both the original content and the modified content while still leaving such content useful (i.e. leaving an executable program code still doing something more or less intended, or leaving a text message mostly intact while only changing certain words/phrases). A hash algorithm is weakened when a method is known that reduces the effort of finding such a collision considerably compared to the brute force method (trying all combinations until you happen upon one that produces the same hash value).
Add a comment Report

All Answers

Order by
Oldest to Newest
Newest to Oldest
Votes
BananushkA
BananushkA Answered:

sha1 and md5 are both based on the same idea. To each and every string there is an n-character hexadecimal number which represent it. There is a table (hash table) which tells how to match a string and a number. Though there can be two strings with the same value, it's rarely ever matters in this encodings.

In md5 encoding there are 32 hexadecimal characters that represent a string and in sha1 there are 40 characters. As you see, there is less chance to find another string with the same hash-code as an encoded string if you have more characters.

Hence, the more - the merrier.

Add a comment Report
shahata5
shahata5 Answered:

Both

MD5 and SHA-1 have known weaknesses that allow for a reduced effort in finding collisions. A collision is when different inputs results in the same hash value. Since hashes are used to verify the contents of a message, this is bad, because the same hash could mean either message. In most cases simply any collision is not enough to do real damage though - an attacker would need to find one that produces the same hash for both the original content and the modified content while still leaving such content useful (i.e. leaving an executable program code still doing something more or less intended, or leaving a text message mostly intact while only changing certain words/phrases). A hash algorithm is weakened when a method is known that reduces the effort of finding such a collision considerably compared to the brute force method (trying all combinations until you happen upon one that produces the same hash value).
Add a comment Report

Related Questions

Other people asked questions on similar topics, check out the answers they received:

PatM

Asked: Mathematical terms

in what year was the mathematical term "prime" introduced
  • Posted by PatM 5 months ago
Loren Ruesink

Asked: I'm looking for the mathematical formulas used ...

I'm looking for the mathematical formulas used in liquid fertilizer blending operations. In other words, using various materials as sources of N, P and K, what are the mathematical steps in creating ...
Anonymous

Asked Anonymously: What is the mathematical formula for PE?

what is the mathematical formula for PE?
  • Posted 10 months ago

Be The First To Answer

Other people asked questions on various topics, and are still waiting for answer. Would be great if you can take a sec and answer them


More