# Which is better between MD5 vs SHA256?

403    Asked by AndreaBailey in SQL Server , Asked on Jan 11, 2022

How much safer is the use of the SHA256 hashes for integrity checks? I read on wikipedia about collisions that a collision or clash is a situation that occurs when two distinct pieces of data have the same hash value, checksum, fingerprint, or cryptographic digest.[1]

Due to the possible applications of hash functions in data management and computer security (in particular, cryptographic hash functions), collision avoidance has become a fundamental topic in computer science.

Collisions are unavoidable whenever members of a very large set (such as all possible person names, or all possible computer files) are mapped to a relatively short bit string. This is merely an instance of the pigeonhole principle.

Answered by Amit raj

Based on your note of "no attacks" it seems to me that you are asking:

"What is the probability that a random change (e.g., bit flip during download) to a file will result in creating a new/different file with the same checksum as the original file?"

``````For the case of MD5, this probability is: 1/(2^128) = 2.94e-39 = 0.00000000000000000000000000000000000000294
For the case of SHA256, this probability is: 1/(2^256) = 8.64e-78 = 0.000000000000000000000000000000000000000000000000000000000000000000000000000000000000000864
Important Caveat: In the above-mentioned hypothetical case of random changes, out of MD5 vs SHA256, both MD5 and SHA256 are fine choices. However, in real life, the MD5 hash function is frowned upon because it has been broken (collisions have been found). So, the real life advice is: use SHA256 not MD5 for file integrity.
Update based on comments: I'm referring to MD5 as "broken" to mean (basically) that collisions have been found. One of the main conjectured properties of MD5 was "that it is computationally infeasible to produce two messages having the same message digest..." (RFC 1321) Because it is possible to violate this property, I've called MD5 "broken," which is perhaps a little harsh. I still see MD5 used all the time, and I still use it myself all the time. It is fine to use MD5 in certain circumstances, especially when there is no other option.``````