Which of the following correctly describes the output length of the MD5 and SHA-256 hashing algorithms?
Think about the number in the SHA-256 name and the standard output size of MD5.
MD5 outputs a 128-bit (16-byte) hash. SHA-256 outputs a 256-bit (32-byte) hash, which is twice as long, providing stronger security.
Which statement best explains the concept of collision resistance in hashing algorithms like SHA and MD5?
Consider what 'computationally infeasible' means compared to 'impossible'.
Collision resistance means that while collisions can theoretically exist, it is extremely hard to find two different inputs with the same hash output using current computing power.
Given that MD5 is widely considered insecure today, what is the main reason for this status?
Think about what collision attacks mean for hash security.
MD5 is vulnerable to collision attacks, meaning attackers can find two different inputs that produce the same hash, undermining its reliability for security.
Which of the following correctly compares SHA-1 and SHA-256 in terms of security and output size?
Recall the bit lengths and known vulnerabilities of SHA-1.
SHA-1 outputs 160 bits but has known vulnerabilities making it less secure. SHA-256 outputs 256 bits and is currently considered secure.
You need to store user passwords securely in a database. Which hashing algorithm choice is best and why?
Think about what makes password hashing different from general hashing.
MD5, SHA-1, and SHA-256 are general-purpose hashes and are fast, which makes them vulnerable to brute-force attacks. Specialized algorithms like bcrypt or Argon2 are designed to be slow and include features like salting, making them better for password storage.