SHA512优于MD5的原因 [英] Reasons why SHA512 is superior to MD5

问题描述

我想知道我是否可以解释为什么SHA512是一个优越的哈希算法到MD5的原因或链接。

I was wondering if I could reasons or links to resources explaining why SHA512 is a superior hashing algorithm to MD5.

推荐答案

这取决于您的用例。你不能广泛地宣称优越性。 （我的意思是，是的，你可以，在某些情况下，但是严格的，你不能真的）。

It depends on your use case. You can't broadly claim "superiority". (I mean, yes you can, in some cases, but to be strict about it, you can't really).

但有一些地方， ：

1. 对于初学者：MD5旧，常见。有很多彩虹表反对它，他们很容易找到。所以如果你密码（没有盐 - 可耻的你！） - 使用md5 - 你可能不是哈希他们，他们很容易找到。


2. 第二，MD5不再是安全的加密散列函数（确实，它甚至不被认为是加密散列函数，因为Forked一点指出）。您可以生成散列为相同值的不同消息。所以如果你有一个带有MD5哈希的SSL证书，我可以生成一个重复的证书，说明我想要的，产生相同的散列。


3. 第三，与邮件类似，您也可以生成不同的文件 a href =http://www.win.tue.nl/hashclash/SoftIntCodeSign/ =nofollow noreferrer>该哈希值为相同的值，因此使用MD5作为文件校验和是broken。

1. For starters: MD5 is old, and common. There are tons of rainbow tables against it, and they're easy to find. So if you're hashing passwords (without a salt - shame on you!) - using md5 - you might as well not be hashing them, they're so easy to find. Even if you're hashing with simple salts really.
2. Second off, MD5 is no longer secure as a cryptographic hash function (indeed it is not even considered a cryptographic hash function anymore as the Forked One points out). You can generate different messages that hash to the same value. So if you've got a SSL Certificate with a MD5 hash on it, I can generate a duplicate Certificate that says what I want, that produces the same hash. This is generally what people mean when they say MD5 is 'broken' - things like this.
3. Thirdly, similar to messages, you can also generate different files that hash to the same value so using MD5 as a file checksum is 'broken'.

现在，SHA-512是一个 SHA-2 Family 散列算法。 SHA-1是一种被认为是eh，这些天，我会忽略它。然而，SHA-2对它的攻击相对较少。维基百科的主要内容是一轮缩影前的攻击这意味着如果你以一个可怕的错误方式使用SHA-512，我可以打破它。有意思的是，你不可能以这种方式使用它，但攻击只会变得更好，这是一个很好的跳板，更多的研究来打破SHA-512以同样的方式MD5破碎。

Now, SHA-512 is a SHA-2 Family hash algorithm. SHA-1 is kind of considered 'eh' these days, I'll ignore it. SHA-2 however, has relatively few attacks against it. The major one wikipedia talks about is a reduced-round preimage attack which means if you use SHA-512 in a horribly wrong way, I can break it. Obivously you're not likely to be using it that way, but attacks only get better, and it's a good springboard into more research to break SHA-512 in the same way MD5 is broken.

但是，在所有可用的哈希函数中，SHA-2系列目前是最强的，是考虑共性，分析和安全性的最佳选择。 （但不是必须加快速度，如果您使用的是嵌入式系统，则需要进行其他分析。）

However, out of all the Hash functions available, the SHA-2 family is currently amoung the strongest, and the best choice considering commonness, analysis, and security. (But not necessarily speed. If you're in embedded systems, you need to perform a whole other analysis.)

这篇关于SHA512优于MD5的原因的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！