"Randell D." <yo**************************@yahoo.com> wrote in message
news:lH**********************@news1.calgary.shaw.c a...
Folks,
I use md5 hash with some of my cookies and occassionally a hidden form
field - I know the physical data on my network is insecure (unless being
served via https) but I was wondering if there are any advantages to using
md5 over sha1 or versa vicea... I know md5 gives me a unique 32bit hash
while sha1 I've read is 'secure' (?) and gives a 40bit hash... Since The
technical webpage on sha1 is lengthy and for the most part over my head...
and other than today, I've never heard of it before... I was wondering if
anyone could offer any comments on it...
Cheers
randelld
First of all the hash length you mention are much to short to offer any
security.
md5 = 128 bit
sha-1 = 160 bit
If you are not working on high-security stuff it makes no real difference
for you but if it's your decision and there is an available sha-1 imple-
mentation for you platform then i see no reason why to use the old
md5 stuff.