Message Digest 5 (MD5) and Secure Hash Algorithm (SHA)

Several hashing algorithms are available. The two discussed here are MD5 and SHA (sometimes called SHA-1).

Message hashing is an encryption technique that ensures a message or data has not been tampered with or modified.

MD5 message hashing is supported on Cisco IOS routers. A variable-length message is taken, the MD5 algorithm is applied to it (for example, by the enable secret passwords command), and a final fixed-length hashed output message is produced. MD5 is defined in RFC 1321.

Figure 5-10 displays the MD5 message operation.

Figure 5-10 MD5 Operation. [Figure: a clear text message of variable length ("Hello, it's me") has the MD5 hash algorithm applied to it; the result is an unreadable, fixed-length hashed message, shown as "4w5645968234t43ty34t5n 45y654y67365346316464n".]

Figure 5-10 displays the simple clear text message, "Hello, it's me," which can be of any variable length. This message is sent to the MD5 process, where the clear text message is hashed and a fixed-length, unreadable message is produced. The data can include routing updates or username/password pairings, for example. MD5 produces a 128-bit hash output.

Secure Hash Algorithm (SHA) is the newer, more secure version of MD5, and Hash-based Message Authentication Code (HMAC) provides further security with the inclusion of a key exchange. SHA produces a 160-bit hash output, making it even more difficult to decipher. SHA follows the same principles as MD5 and is considered more CPU-intensive.
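As an added example (not part of the original text), the Python sketch below demonstrates the properties described above: MD5 and SHA-1 digests are 128 and 160 bits long whatever the input size, and an HMAC, unlike a bare hash, cannot be recomputed by someone who alters the message without holding the key. The pre-shared key, the sample routing-update strings, and all function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data; the key and the update text are illustrative only.
SHARED_KEY = b"example-shared-secret"
UPDATE = b"route 10.1.1.0/24 via 192.0.2.1"
TAMPERED = b"route 10.1.1.0/24 via 192.0.2.66"
SAMPLES = (b"", b"Hello, it's me", b"x" * 10_000)


def digest_bits(algorithm: str, message: bytes) -> int:
    """Digest length in bits; it depends on the algorithm, not the input."""
    return len(hashlib.new(algorithm, message).digest()) * 8


def plain_check(message: bytes, sent_hash: str) -> bool:
    """Receiver recomputes an unkeyed MD5 hash and compares."""
    return hmac.compare_digest(hashlib.md5(message).hexdigest(), sent_hash)


def hmac_tag(key: bytes, message: bytes) -> str:
    """HMAC-SHA-1: the hash is mixed with a secret both ends hold."""
    return hmac.new(key, message, "sha1").hexdigest()


def hmac_check(key: bytes, message: bytes, sent_tag: str) -> bool:
    """Receiver recomputes the tag with its own copy of the key."""
    return hmac.compare_digest(hmac_tag(key, message), sent_tag)


def demo() -> dict:
    results = {}
    # Fixed-length output for inputs of very different sizes.
    results["md5_bits"] = {digest_bits("md5", m) for m in SAMPLES}
    results["sha1_bits"] = {digest_bits("sha1", m) for m in SAMPLES}
    # Any change to the message changes the hash, so a stale hash is caught.
    good_hash = hashlib.md5(UPDATE).hexdigest()
    results["plain_detects_stale_hash"] = not plain_check(TAMPERED, good_hash)
    # But whoever altered the message can also recompute an unkeyed hash.
    recomputed = hashlib.md5(TAMPERED).hexdigest()
    results["plain_accepts_recomputed"] = plain_check(TAMPERED, recomputed)
    # Without the key, the same move fails against HMAC.
    forged_tag = hmac_tag(b"wrong-guess", TAMPERED)
    results["hmac_accepts_forgery"] = hmac_check(SHARED_KEY, TAMPERED, forged_tag)
    genuine_tag = hmac_tag(SHARED_KEY, UPDATE)
    results["hmac_accepts_genuine"] = hmac_check(SHARED_KEY, UPDATE, genuine_tag)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```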

For more details on Cisco IOS encryption capabilities, please visit the following website:

www.cisco.com/en/US/tech/tk583/tk209/tech_protocol_family_home.html
