Professional Documents
Culture Documents
Assignment # 03
Submitted To
Ma’am Rabia Aslam Khan
Submitted By
MD5:
MD5 (Message Digest Algorithm 5) is a widely used cryptographic hash function that was developed by
Ronald Rivest in 1991. It is designed to take an input of any size and produce a fixed-size 128-bit (16-byte)
hash value. MD5 operates by dividing the input message into blocks of 512 bits and processes them through
a series of rounds, manipulating the data using bitwise logical functions, modular addition, and bit rotations.
The final output is the 128-bit hash value.
Because of these vulnerabilities, MD5 is no longer recommended for cryptographic purposes such as
password storage or digital signatures. It is considered deprecated in many security contexts, and more
secure hash algorithms such as SHA-256 or SHA-3 are typically recommended for cryptographic
applications. MD5 is still used in non-security-related scenarios, such as checksums for file integrity
verification or checksums in network protocols where security is not a concern.
SHA:
SHA stands for Secure Hash Algorithm. It is a family of cryptographic hash functions that are widely used
for various applications, including data integrity verification, digital signatures, password storage, and more.
The SHA algorithms are designed to produce a fixed-size hash value that is typically represented as a
sequence of characters or bits. The SHA algorithms operate similarly by processing the input message in
blocks and performing various bitwise logical operations, modular addition, and bit rotations. The resulting
hash value is unique to the input message, making it useful for verifying data integrity or detecting changes.
When selecting a specific SHA algorithm, it is important to consider the required hash length and the level
of security needed for the particular application. SHA-256 is commonly recommended as a secure choice for
most cryptographic applications.
SHA-1:
Hash Length: 160 bits (20 bytes).
Security: SHA-1 is considered to be weak and vulnerable to collision attacks. It is no longer recommended
for security-sensitive applications due to significant vulnerabilities. Successful collision attacks have been
demonstrated, compromising its integrity and security.
Usage: SHA-1 is deprecated for cryptographic purposes. It is generally not recommended for new
applications but may still be used in non-security-critical scenarios, such as checksums for file integrity
verification.
SHA-3:
Hash Length: SHA-3 offers several hash lengths, including 224, 256, 384, and 512 bits.
Security: SHA-3 is designed to be a secure and resistant hash function. It was selected as the winner of a
competition held by NIST for a new hash standard. SHA-3 provides resistance against various cryptographic
attacks, including collision attacks and preimage attacks.
Usage: SHA-3 is recommended for cryptographic applications where a secure hash function is required. It is
suitable for a wide range of applications, including data integrity verification, digital signatures, and
password storage.
SHA-256:
Hash Length: 256 bits (32 bytes).
Security: SHA-256 is considered to be a secure hash function. It provides a higher level of security
compared to SHA-1. While no cryptographic algorithm is entirely immune to attacks, SHA-256 is widely
used and has stood up well against known attacks.
Usage: SHA-256 is commonly used in various cryptographic applications, including block chain technology,
digital certificates, and password storage. It offers a good balance between security and efficiency, making it
suitable for many applications.
Security:
AES: AES is considered a highly secure encryption algorithm. It has undergone extensive scrutiny and
analysis by the cryptographic community and has stood up well against various attacks. AES is widely
adopted and trusted for its security properties.
OTP: OTP, when used correctly, provides perfect secrecy. It is theoretically unbreakable because the cipher
text reveals no information about the plaintext. However, achieving perfect secrecy with OTP requires the
key to be truly random, never reused, and as long as the message. Maintaining these conditions can be
challenging in practice.
Key Management:
AES: AES uses symmetric key encryption, meaning the same key is used for both encryption and
decryption. The security of AES relies on keeping the encryption key secret. Key management involves
securely distributing and storing the key among authorized parties.
OTP: OTP also uses symmetric key encryption, but with a unique key for each message. The keys in OTP
must be truly random, of equal length to the message, and never reused. The distribution and secure
management of OTP keys present significant challenges, as each key must be securely generated and
exchanged in advance.
Usage Scenarios:
AES: AES is commonly used in a wide range of applications, including secure communications, data
encryption, file encryption, and cryptographic protocols. It provides a good balance between security and
efficiency.
OTP: OTP has limited practical use due to the challenges in key management and the key length
requirement. It is primarily discussed in theoretical and educational contexts to demonstrate concepts such
as perfect secrecy.