CISSP-ISSAP · Question #210
You have been assigned the task of selecting a hash algorithm. The algorithm will be specifically used to ensure the integrity of certain sensitive files. It must use a 128 bit hash value. Which of th
The correct answer is C. MD5. MD5 (Message Digest 5) is correct because it is a hashing algorithm that produces exactly a 128-bit hash value, making it the only option that satisfies the specific bit-length requirement for integrity verification. Why the distractors are wrong: AES (A) is a symmetric encryptio
Question
You have been assigned the task of selecting a hash algorithm. The algorithm will be specifically used to ensure the integrity of certain sensitive files. It must use a 128 bit hash value. Which of the following should you use?
Options
- AAES
- BSHA
- CMD5
- DDES
How the community answered
(32 responses)- A3% (1)
- B6% (2)
- C91% (29)
Explanation
MD5 (Message Digest 5) is correct because it is a hashing algorithm that produces exactly a 128-bit hash value, making it the only option that satisfies the specific bit-length requirement for integrity verification.
Why the distractors are wrong:
- AES (A) is a symmetric encryption algorithm used for confidentiality, not hashing - it encrypts/decrypts data rather than producing a fixed-length digest.
- SHA (B) is a valid hashing algorithm family, but standard SHA-1 produces 160-bit hashes, and SHA-256/384/512 produce even larger outputs - none match 128 bits.
- DES (D) is another symmetric encryption algorithm (like AES), not a hashing function at all; it operates on 64-bit blocks for encryption.
Memory tip: Think "MD5 = 128" - both have the number 5 in them, and 128 = 2^7 (close enough to remember it's the smaller, older digest). Alternatively, note that MD5 ends in "5" and 1+2+8 = 11 → just memorize "MD5 is the mini digest at 128 bits."
Note for exam context: While MD5 is the textbook answer here based on bit length, be aware that MD5 is considered cryptographically broken and should not be used in real-world security implementations - SHA-256 or better is recommended in practice.
Topics
Community Discussion
No community discussion yet for this question.