Ask the Expert

MD5 versus RC4 with 128-bit encryption

I have to choose between two applications that use different encryption algorithms. Both use 128-bit encryption. The first application uses the MD5 algorithm and second one uses the RC4 algorithm. Which is more secure?

    Requires Free Membership to View

MD5 is a hash (or message digest) algorithm, not an encryption algorithm. So it would be less secure than any cipher you could pick.

RC4 is a stream cipher and is used commonly in SSL and other systems. However, you must be careful when using stream ciphers, because you must *never* encrypt two pieces of data with the same key. If you do, someone can pry the data out of the system without breaking the key. Many of the wireless ethernet security breaks are these sorts of flaws. Generating a key each time is good enough, as the odds of replicating are not worth worrying about. (Assuming you have a good random number generator, etc.)

If you are storing data in a data base, encrypting files or other things, you should use a block cipher, like AES, Twofish, CAST-128 or Triple-DES.

For more information on this topic, visit these other resources:
Ask the Expert: Encryption above 3-DES
Ask the Expert: What is RC4?
Best Web Links: Encryption

This was first published in September 2002

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: