Which of the following algorithms has well documented collisions? (Choose two.)
B: MD5 biggest weakness is that it does not have strong collision resistance, and thus it is no longer
recommended for use.
C: SHA-1 (also known as SHA) is being retired from most government uses; the U.S. National Institute of
Standards and Technology said, “Federal agencies should stop using SHA-1 for…applications that require
collision resistance as soon as practical, and must use the SHA-2 family of hash functions for these
applications after 2010″, though that was later relaxed.
Note: The hashing algorithm must have few or no collisions. This means that hashing two different inputs does
not give the same output.
Cryptographic hash functions are usually designed to be collision resistant. But many hash functions that were
once thought to be collision resistant were later broken. MD5 and SHA-1 in particular both have published
techniques more efficient than brute force for finding collisions.