Which of the following statements are true regarding hashing?
A.
SHA-256 is an extension to SHA-1 with a longer output
B.
SHA-1 is stronger than MD5 because it can be used with a key to prevent modification
C.
MD5 takes more CPU cycles to compute than SHA-1
D.
MD5 produces a 160-bit result
E.
Changing 1 bit of the input to SHA-1 changes 1 bit of the output
Explanation:
Explanation
Answer A is incorret because, in cryptography, MD5 (Message-Digest algorithm 5) is a widely used cryptographic hash function with a 128-bit hash value. As an Internet standard (RFC 1321). It is easy to generate MD5 collisions, it is possible for the person who created the file to create a second file with the same checksum, so this technique cannot protect against some forms of malicious tampering
The SHA hash functions are five cryptographic hash functions designed by the National Security Agency (NSA) and published by the NIST as a U.S. Federal Information Processing Standard. SHA stands for Secure Hash Algorithm. Hash algorithms compute a fixed-length digital representation (known as a message digest) of an input data sequence (the message) of any length. They are called “secure” when (in the words of the standard), “it is computationally infeasible to:
find a message that corresponds to a given message digest, or find two different messages that produce the same message digest. Any change to a message will, with a very high probability, result in a different message digest.” B is correct and C is incorrect because of the following The five algorithms are denoted SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512. The latter four variants are sometimes collectively referred to as SHA-2. SHA-1 produces a message digest that is 160 bits long; the number in the other four algorithms’ names denote the bit length of the digest they produce.
SHA-1 is employed in several widely used security applications and protocols, including TLS and SSL, PGP, SSH, S/MIME, and IPsec. It was considered to be the successor to MD5, an earlier, widely-used hash function.
E is incorroct because of the following
The security of SHA-1 has been somewhat compromised by cryptography researchers[1]. Although no attacks have yet been reported on the SHA-2 variants, they are algorithmically similar to SHA-1 and so efforts are underway to develop improved alternative hashing algorithms.[2]HYPERLINK l “_note-2″[3] An open competition for a new SHA-3 function was formally announced in the Federal Register on November 2, 2007. [4] “NIST is initiating an effort to develop one or more additional hash algorithms through a public competition, similar to the development process for the Advanced Encryption Standard (AES).”[5] Submissions are due October 31, 2008 and the proclamation of a winner and publication of the new standard are scheduled to take place in 2012.