This week's book giveaway is in the Java 8 forum.
We're giving away four copies of Java 8 in Action and have Raoul-Gabriel Urma, Mario Fusco, and Alan Mycroft on-line!
See this thread for details.
The moose likes Security and the fly likes cryptography vs security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Java 8 in Action this week in the Java 8 forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "cryptography vs security" Watch "cryptography vs security" New topic
Author

cryptography vs security

sri ramvaithiyanathan
Ranch Hand

Joined: Nov 20, 2010
Posts: 109
Hi,
I did sample programs in cipher,md5 and sha.
But i dont know which is best in terms of security.
Kindly let me know which one is good to use and reason for the same.
You can add other algorithm also but i wanna know the secure one.

1)cipher cryptography
2)MD5
3)SHA.

Thanks in advance.

Regards,
Sriram.V


For java examples,ebooks,interview questions,visit this blog
http://periodicupdates.blogspot.com/
Jesper de Jong
Java Cowboy
Saloon Keeper

Joined: Aug 16, 2005
Posts: 13884
    
  10

MD5 and SHA are cryptographic hash functions. Note, that page contains a list of different algorithms, including some MD5 and SHA variants. I'm not an expert in this, but as far as I know SHA is more secure than MD5.

Java Beginners FAQ - JavaRanch SCJP FAQ - The Java Tutorial - Java SE 7 API documentation
Scala Notes - My blog about Scala
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 39578
    
  27
The important point to realize is that ciphers offer two-way encryption. That means if you encrypt something you can later decrypt it, thus getting back the original cleartext. AES is a good standard choice for encryption.

MD5 and SHA are both hashes (or digests) which implement one-way encryption. Once something is hashed there is no way to get back the original cleartext (there's no decryption). MD5 should be considered obsolete at this point, as should SHA-1; that leaves SHA-2 as the standard choice.

The http://www.coderanch.com/how-to/java/SecurityFaq#encryption links to much more information on this, as well as JCE, the standard Java API for encryption.


Ping & DNS - updated with new look and Ping home screen widget
sri ramvaithiyanathan
Ranch Hand

Joined: Nov 20, 2010
Posts: 109
jesper and ulf thanks for your effort.
Shall i take like this in terms of security sha or md5 is more security compared to cipher.
Because cipher shows the original string after decryption.

Regards,
Sriram.V
James Sabre
Ranch Hand

Joined: Sep 07, 2004
Posts: 781

sri ramvaithiyanathan wrote:jesper and ulf thanks for your effort.
Shall i take like this in terms of security sha or md5 is more security compared to cipher.
Because cipher shows the original string after decryption.


The context and detail of what you are doing is everything. If you are trying to secure user passwords when one does not need to be able to recover the password then using a message digest with random salt is usually the most secure. If one is trying to secure data that one needs to be able to recover then obviously one can't uses a message digest (since you can't recover the original) and one need to use encryption.


Retired horse trader.
 Note: double-underline links may be advertisements automatically added by this site and are probably not endorsed by me.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: cryptography vs security
 
Similar Threads
CMP vs. BMP concerning encrypted data
SHA encryption algorithm doubt
Using a one way hash for Password encryption
encrypt password on login form?
Doubts on Security