Top Hashing and Encryption Algorithms?

Question

I know many web projects still use the older MD5() or SHA1() when creating hashes. However, in my projects I have been using SHA256 for stronger/longer hashes since when I last checked the there was some question about which hashes were the bester ones to use. So I just chose the government standard (at the time).

However, I'm wondering if in the last couple years we now have a more recommended hashing algos?

Here are some common hashing algorithms:

md4/5, sha, ripemd, whirlpool, tiger, snefru, gost, adler32, crc32, haval

Which are different from encryption algorithms such as:

3DES, ARCFOUR, BLOWFISH, CAST_256, CRYPT, DES, DES_COMPAT, ENIGMA, GOST, IDEA, 
LOKI97, MARS, PANAMA, RIJNDAEL, RC6_256, SAFER64, SAFER128, SAFERPLUS,
SERPENT, SKIPJACK, TEAN, THREEWAY, TRIPLEDES, TWOFISH, WAKE, XTEA,

As a side note, I've heard RIJNDAEL won a competition and will be replacing DES in some applications and blowfish has also had some nice things said about it.

Answer 1

There is a competition for the new SHA-3 going on at NIST. There are entries by some famous cryptographers such as Knudsen and Schneier.

Answer 2

Hashing

I've defaulted to using SHA256 these days; I won't touch MD5, and I'll only use SHA1 on legacy projects if I have no choice. I think SHA512 is going a little overboard for basic hashing, though it has its uses.

Encryption

I use AES256 encryption for most projects, although I have worked with 3DES in the past.

You know, I don't think I've seen DES used in a project in the last couple of years.

I don't really feel the need to change either Hashing or Encryption unless NIST recommend it.

Answer 3

Dont use MD5 or SHA1 if you need security, since they have been broken. The SHA2 family is alright.

A subset of RIJNDAEL is the AES specification (since 2002). BLOWFISH, CAST_256, GOST, IDEA,MARS, RC6_256, SAFERPLUS, SERPENT, TWOFISH are alright to be used, although most sites use rc4/5 and aes. the rest are more or less useless, even though many of them are good

and you repeated some of the names in your list

Answer 4

I don't know about most of those, but DES by itself is not secure (see The Wikipedia article). Triple DES might be all right, but the standard these days is AES (formerly known as Rijndael), so I would go with that instead.

Also, I notice you didn't include RSA or public key elliptic-curve cryptosystems in your list. I imagine that's because you know they aren't suitable for what you want, but if you haven't thought about them then you might want to consider them.

Answer 5

AES is the way to go for encryption. In addition to the other reasons cited here Intel and AMD are including hardware support in future processors. The instructions are available in a couple of processors available today although I don't know if any compilers in major use currently include replacing calls to an AES library with SSE intrinsics in an optimization pass. Certainly there will be a time when if you rev your compiler the functionality will be there and your code will just run faster.

Answer 6

The purpose of a hash is to uniquely represent some data by a number. All of the mentioned hash algorithms do that quite well. Md4 can be reversed in a few hours on a Pentium4. Md5 can be reversed in certain situations. However, that doesn't mean you shouldn't use any of those algorithms, it just means you should be aware of the algorithm you're using and what you're using it for.

So the recommendation is the same as it's always been: use the appropriate algorithm for the data that you are hashing / encrypting.

(You forgot to include ROT13 in the encryption list)

Answer 7

Quick answer: For encryption, use AES/Rijndael with a key size of 256, for hashing use SHA-256 or higher.

Encryption

AES is a standard of using the Rijndael cipher, and is the most widely-accepted encryption algorithm. It is not necessarily the most secure mathematically. The only known attacks on it right now are side-channel attacks, but that's the fault of the implementation or platform you are encrypting on.

The Rijndael cipher was chosen because it seems to be the most performant algorithm in a variety of different systems of all bit sizes tested, and it is also extraordinarily secure. If you have control over your systems, replacing government-standard DES encryption with AES will be a great step.

Other highly-secure ciphers are Twofish, Serpent and RC6.

The following ciphers are outdated and either deprecated in favor of a newer cipher, or are a travesty of computer science: DES, Triple DES, Blowfish, and MARS.

Hashing

My assumption is that you're hashing with the intent of security, since you're asking the question specifically with security in mind.

As others have said, Md4/MD5 are relatively "easy" to break, and the SHA-1 hash has weaknesses in certain situations as well. CRC is commonly used for error detection, so maybe not the best choice for hashing per se.

For a hash, you basically just want to choose the largest block size possible, and use a salt value to avoid rainbow attacks. SHA-256 and above are still considered very secure, although your implementation is always the weak point with hashing.

Answer 8

The algorithms you list are primarily for commercial applications. There are a number of others that the NSA has approved for different uses for the U.S. Federal government. Some of the Type 1 algorithms are actually classified (e.g. BATON).

Also, the Advanced Encryption Standard (AES) is actually a subest of the possible Rijndael modes. The AES specification calls for 128, 192 or 256 bit key sizes and 128 bit block sizes. Rijndael can also operate on block sizes of 192 or 256 bits which are not part of the AES standard.