MD5 for Software Validity
I beleive all of us have tried to download an installer through a website. But, have you ever question the integrity of that installer you downloaded? This is where checksum and hashing comes in. These are the components that we will be comparing to find out about the validity of a file as it might be corrupted or some data went missing somehow.
MD5 is one of the commonly used algorithm for hashing. It converts a data into a 128-bit hash value and with only a little change on the data, the MD5 hash result will be completely different. One of its main function is hashing software installer to make sure its validity. This is also what we call checksum which is a set of data that can be used as an error checking of the specific files. Some software developers provide their checksum for the public to see.
You could try different applications online to try find out the MD5 hash of a file, one of them is WinMD5. Try to download an installer file of a software and put it in this application and it will automatically hash the file to a MD5 hash value. Now, check your software’s website or documentation to find their checksum and put it in WinMD5 or other applications that can compare your hashed file and the checksum hash from the developer. If it is the same then you can conclude that your file is a valid software.
MD5 and SHA1 hashes
MD5 and SHA1 are both hashing algorithm that can only be processed one way. Thus, the data can only be verified by comparing the original hash value and the specific data hash value. The key differences of MD5 and SHA1 is their performance speed.
MD5 provides a faster process as its length is 128 bits. It is a simpler encryption process thus provides lower security. This algorithm is considered unsafe and today, it is used only for verifying data integrity.
SHA1 is a bit more complex hashing algorithm than MD5. It has 160 bits long message digest. It would need 2^128 iterations for attackers to exploit an MD5 algorithm, but SHA1 has higher iterations which is 2^160 thus makes it more difficult to be exploited.
However, both of these algorithm is still susceptible to collision attacks (an attack where it can reach the same hash with different data). There are other alternatives such as SHA256 and other kinds of SHA hashes which have more resistant to collision attacks as they provide higher data length. For example, SHA256 has a 256 bits output size which certainly proves to be more resistant to attacks.
SHA for SSL Certificates
The concept of using SHA hash for SSL certificate is the same as checking software validity using MD5. An SSH hash is often used to sign a SSL certificate and it makes sure that the website has not been modified. The same as checking software integrity, the received file hash value is then compared with the original hash value to ensure their originality so that users receives a valid page.
A common SHA hash type used is SHA256. There are other options like SHA384 or SHA512, but all of these types are basically very difficult to be compromised. And another consideration is the speed, SHA256 uses the least bandwidth and processing power between the three which would be best for loading websites. Most systems are also not compatible with the SHA284 and SHA512, therefore SHA256 is a widely used and secure algorithm for SSL certificates.
Marcellus's Blog 