Blast from the Past
There are many means of implementing an encryption algorithm in your applications, and MD5 is one of them. You may implement a very straightforward, simple MD5 hashing algorithm directly from the user input, or you may choose to utilize a more complex salted approach. Whichever type of encryption you choose to implement, it's advised to utilize a fairly strong algorithm for sensitive data such as passwords or social security numbers when decrypting the value isn't necessary. There are times when an encrypted value must be decrypted. Under those circumstances, alternative methods are available such as RSA, SHA1, Blowfish, Rijndael (pronounced "Rain Doll" and also known as AES), and TripleDES.
In today's development world, Rijndael (a.k.a., AES) and TripleDES are the leaders in new development implementations, and they are both great examples of a strong balance between security and performance. They're both private-key encryptions and have yet to be broken consistently. It's highly recommended to avoid using anything other than Rijndael for files that have a sensitivity lifespan greater than 7 years; however, for most developers and applications, this will never be an issue. For those interested in cryptography, it's best to further your knowledge in the different types of encryptions available: Public-Key, Private-Key, and Hashing Algorithms.
There are many options available for cryptography purposes, and in this article, we only covered MD5 (Hashing Algorithm). It's best to use multiple means of encryption in your applications to keep the unwanted seeker continually seeking rather than finding.
For further reading on cryptography with the .NET Framework, you may visit the following sites.
- http://msdn.microsoft.com/library/en-us/cpqstart/html/cpsmpnetsamples-howtocryptography.asp?frame=true
- http://www.gotdotnet.com/team/clr/cryptofaq.htm
- http://www.ftponline.com/vsm/2003_03/magazine/features/vandersypen/
- http://www.developer.com/net/net/article.php/1548761
- http://csrc.nist.gov/CryptoToolkit/aes/rijndael/
- http://labmice.techtarget.com/security/crypto.htm
If you have more information that you feel should be addressed in terms of cryptography or the MD5 hashing algorithm, please leave a note for discussion. Furthermore, if you've used cryptography in the past or use it now, please let us know how it's working for you and any issues you may have run into. There's no point in reinventing the wheel, and general discussions on the topic shouldn't sacrifice your applications security level.