LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

Which common hash functions are considered deprecated, and which are currently recommended?

MD5 (128-bit) and SHA-1 (160-bit) are deprecated and must not be used for signatures; SHA-2 (256/512-bit) and SHA-3 are currently recommended.

Hash Function Output Size Status
MD5 128 bits Broken — collisions found in 2004, practical attacks exist
SHA-1 160 bits Deprecated — collision found by Google in 2017 (SHAttered)
SHA-2 (SHA-256, SHA-512) 256 / 512 bits Recommended — currently standard
SHA-3 (Keccak) 256 / 512 bits Recommended — different internal structure from SHA-2

Why does this matter? If an attacker can find collisions in a hash function, they can forge digital signatures. For example, they could create two documents with the same hash — one innocent, one malicious — get the innocent one signed, then substitute the malicious one.

Tip: SHA-2 and SHA-3 are both secure, but they use fundamentally different internal designs (Merkle-Damgård vs. sponge construction). Having both provides defense in depth — if one design is broken, the other likely survives.

Go deeper:

  • doc SHA-1 — the deprecation history and the SHAttered break.
  • chart SHAttered — first SHA-1 collision — two different PDFs with the same SHA-1 hash, with downloadable proof.
  • doc MD5 — why MD5 is catastrophically broken for signatures.

From Quiz: KRYPTOG / Fundamentals of Cryptography | Updated: Jul 14, 2026