I have to choose between two applications that use different encryption algorithms. Both use 128-bit encryption. The first application uses the MD5 algorithm and second one uses the RC4 algorithm. Which is more secure?
RC4 is a stream cipher and is used commonly in SSL and other systems. However, you must be careful when using stream ciphers, because you must *never* encrypt two pieces of data with the same key. If you do, someone can pry the data out of the system without breaking the key. Many of the wireless ethernet security breaks are these sorts of flaws. Generating a key each time is good enough, as the odds of replicating are not worth worrying about. (Assuming you have a good random number generator, etc.)
For more information on this topic, visit these other SearchSecurity.com resources:
Ask the Expert: Encryption above 3-DES
Ask the Expert: What is RC4?
Best Web Links: Encryption
This was first published in September 2002