Q

MD5 versus RC4 with 128-bit encryption

I have to choose between two applications that use different encryption algorithms. Both use 128-bit encryption.

The first application uses the MD5 algorithm and second one uses the RC4 algorithm. Which is more secure?


MD5 is a hash (or message digest) algorithm, not an encryption algorithm. So it would be less secure than any cipher you could pick.

RC4 is a stream cipher and is used commonly in SSL and other systems. However, you must be careful when using stream ciphers, because you must *never* encrypt two pieces of data with the same key. If you do, someone can pry the data out of the system without breaking the key. Many of the wireless ethernet security breaks are these sorts of flaws. Generating a key each time is good enough, as the odds of replicating are not worth worrying about. (Assuming you have a good random number generator, etc.)

If you are storing data in a data base, encrypting files or other things, you should use a block cipher, like AES, Twofish, CAST-128 or Triple-DES.


For more information on this topic, visit these other SearchSecurity.com resources:
Ask the Expert: Encryption above 3-DES
Ask the Expert: What is RC4?
Best Web Links: Encryption


This was first published in September 2002

Dig deeper on Disk Encryption and File Encryption

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close