Lección 3
MD5 and SHA Algorithms en español
Guía en español para hash hash algorithms: Compare MD5, SHA-1, and the SHA-2 family for real development work.
Este contenido todavía no está disponible en español. Se muestra la versión en English mientras completamos la localización.
Different hash algorithms produce digests of different lengths and security margins. Choosing the wrong one can break interoperability or create a false sense of safety.
MD5 (128-bit)
MD5 is fast and still appears in legacy checksums, cache keys, and older tooling. It is not appropriate for new security-sensitive designs because collision attacks are practical. Keep MD5 for compatibility and inspection, not for proving strong integrity against motivated attackers.
SHA-1 (160-bit)
SHA-1 is mostly legacy today. Git still uses a SHA-1-based object ID format, but many platforms have moved away from SHA-1 for TLS certificates and signatures. Treat SHA-1 like MD5: useful when a spec requires it, weak for new security guarantees.
SHA-256, SHA-384, SHA-512 (SHA-2 family)
These are the common modern defaults:
- SHA-256: default choice for file checksums, content addressing, and many APIs
- SHA-384 / SHA-512: stronger variants required by some standards and platforms
All three are widely supported in browsers through the Web Crypto API.
Practical selection guide
- Verifying a modern download checksum → SHA-256
- Matching a third-party tool that still prints MD5 → MD5
- Meeting a compliance document that names SHA-512 → SHA-512
- Storing passwords → none of these alone; use Argon2, bcrypt, or scrypt
Always confirm algorithm name, hex vs Base64 output, and whether the hash covers raw bytes or UTF-8 text before comparing results.