MD5 and SHA are hash functions that take a piece of data, compact it, and create a unique output that is very hard to duplicate with a different piece of data. You cannot take MD5 or SHA output and “unhash” it to get back to your starting point. The difference between the two lies in what algorithm they use to create the hash.
SHA – stands for the secure hash algorithm. Introduced in 1993 by the NSA with SHA0, it generates unique hash values from files.
There are several versions of SHA:
• SHA0 (obsolete)
• SHA1 (easily reversed)
• SHA2 (SHA2 is a family consisting of SHA256 and SHA512)
• SHA3 (not yet widely used)
There are several differences in MD5, SHA1, and SHA256, most notably, the hash length. Once again, using our “hello” example (all lower case, no quotations):
Obviously, the more characters, or longer the hash, the less likely the “code” is broken. Regardless, the hash is still subject to attack. There are two kinds of attacks specific to hash:
• Collision is when two different files produce an identical hash. It is then possible to substitute a file for another.
• Preimage is an attack in which hash functions attempt to find a message with a specific has value.
The first one consists of ‘guessing’ a file value from its hash. The other uses a hash to create a value different from the one used to generate the hash.