MD5 and SHA256 are two popular cryptographic algorithms, used to store sensitive data (passwords for example). In this article, we’ll see the difference between them, and which one you should use and why.
As a whole, SHA-256 is better than MD5 because the output size is twice longer and the probability of collisions is lower. SHA-256 is a bit slower than MD5, but it shouldn’t impact performances enough to not use it.
We’ll start by taking a look at each algorithm characteristics, before comparing them point by point.
Message Digest 5 (MD5)
The MD5 message-digest algorithm is a widely used hash function producing a 128-bit hash value. Although MD5 was initially designed to be used as a cryptographic hash function, it has been found to suffer from extensive vulnerabilities. It can still be used as a checksum to verify data integrity, but only against unintentional corruption.Wikipedia
In short, MD5 had two main usages over the past decades:
- Hash function: at the beginning of the Internet, it was often the default choice to store passwords in a database. This is no longer a good idea, for security reasons.
- Checksum: MD5 is a good candidate to quickly check a file integrity after a transfer. By using it as a checksum, we can assure that the file on both side is the same.
We’ll get into more details in the next paragraphs, and we’ll start with an example.
Let’s take, for instance, Bob received a message and digest pair from Alice. To verify the transparency and integrity of the received data, Bob runs the cryptographic hash function on the given message to generate a new digest. If the generated digest coincides with the one sent earlier by Alice, then it serves as a proof of integrity for the transferred file.
If you want to learn more about this function, you can read this article.
The second usage of the MD5 algorithm is as a hash function, to encode a string like a password.
For example, if we apply the MD5 algorithm to the word “MD5Online”, the result is “d49019c7a78cdaac54250ac56d0eda8a”.
And it will always be this result, whatever the tool you use.
If you want, you can go on this MD5 encryption tool and try it yourself.
From a biometric perspective, the message and digest pair is an equivalent of a physical document and a fingerprint to unlock it.
The only difference is that digest and message can be sent separately, unlike a physical document and an attached fingerprint.
- The digest should not be tampered with during transit.
- The cryptographic function is ideally infeasible to invert as it is a one-way function.
Message digest 5 function takes in data of any length and then generates fingerprint, hash or digest of a fixed length that is used as a check for integrity.
- As an integrity checker, the message digest is encrypted with the sender’s private key to provide authenticity of the message being sent.
This generated digest is referred to as a digital key and can only be decrypted by the receiver who has the sender’s public key. This way, the receiver can verify the sender and as well authenticate the integrity of the received message.
To illustrate how this function works. You can imagine how MD5 is used to check data integrity by dividing a message into blocks of 512 bits to create a digest of 32 hexadecimal digits (128-bit digest).
The MD5 algorithm is one of the fastest to use. The hash function result for a string will be instantaneous, while it will take a few seconds even for large files.
That’s why it’s still used for the checksum function, as it’s faster than most alternatives.
Why is MD5 no longer recommended?
MD5 is no longer recommended for use, as researchers have exposed how the system can be bypassed by generating collisions on commercial computers. Also, the performances of computers allow anyone to brute force a password by trying billions of passwords in a short period of time.
A collision happens when two files or strings have the same corresponding hash. It implies a security issue if you can use another password and be logged in, or replace a file by another without anyway for the receiver to see that it’s not the same.
If you need a visual support to really understand how it works, here is a interesting video on the topic:
SHA-256 stands for Secure Hash Algorithm 256-bit, and it’s used for cryptographic security.Google
SHA-256 ins based on the SHA-2 algorithm, which is an improvement of SHA-1, that you might know (more details here).
SHA-1 provided a 160 bits output, while SHA-256, as its name suggests, is a 256 bits hash function.
As for MD5, let’s start with an example, it might be clearer.
If we took the same original word “MD5Online”, the SHA-256 encrypted value will be: “c22f9aa9311ac8c339b3d9c0515989d481aa03d5a14d0d1a0ae6499bd3fc91ae”.
SHA-256 is not the fastest algorithm at all, this is not the goal. But it’s fast enough to be use in real time, to hash non-critical data, like a VPN connection, a file checksum or other messages.
There is no 100% safety guarantee when we use a cryptographic algorithm as a hash function, but SHA-256 is way better than most of the other solutions.
With an output value longer than MD5 or SHA-1 for example, and a function usage a bit slower, it will slow down a bit an attacker.
The issue is that with enough computer power, almost any basic algorithm can be bypassed on a long period.
It’s not recommended to use SHA-256 to store passwords in a database, but it can be safe enough to use it in other cases, like on a VPN connection for example.
Differences between MD5 and SHA-256
Let’s compare now the two algorithms side by side.
The MD5 algorithm produces a 128-bit output, which is expressed as a 32 characters hexadecimal.
The SHA-256 algorithm is twice longer, with 64 hexadecimal characters for 256-bits.
MD5 vs SHA-256: Which is faster?
MD5 is the fastest cryptographic algorithm. SHA-256 is about 20% slower.
If you are looking for speed as your main criteria, you can continue using MD5.
MD5 vs SHA-256: Which is the most secure?
SHA-256 is not perfect, but is a bit safer than MD5. It produces a 256-bit hash, which is twice longer as MD5. Also, the collision probability with SHA-256 is lower than with MD5.
If security is your main criteria, and you have only this two options, SHA-256 would be better. But don’t forget that no algorithm is 100% safe.
MD5 vs SHA-256: Which is better?
As a general rule, prefer using SHA-256 instead of MD5. SHA-256 returns a 256-bits value while MD5 is only 128-bits, and SHA-256 is slower than MD5, so overall SHA-256 is a bit better than MD5.
While using it for something else than a hash function, it doesn’t really matter if it’s a bit slower, so SHA-256 is a better idea, even if it’s not perfect.