Caution: Do not use xxHash where an adversary can control inputs and the hash is used for security decisions (e.g., allowing access, signing a contract, verifying software authenticity). Use SHA-256 or SHA-512 instead.
xxHash is faster than even CRC32 in many cases, and can run at RAM speed limits.
Developed by Ronald Rivest in 1991, MD5 was designed to replace its predecessor, MD4. It produces a 128-bit hash value (32 hexadecimal characters). For nearly two decades, it was the standard for checksums, password storage (with salts), and digital signatures. xxhash vs md5
The Fall: In 1996, collisions (two different inputs producing the same output) were found. By 2008, researchers demonstrated a practical collision attack against the Certificate Transparency log. Today, MD5 is considered "cryptographically broken." You should never use it for security.
Designed by Ronald Rivest in 1991, MD5 was the internet standard for data integrity for over a decade. It produces a 128-bit (16-byte) hash value, typically rendered as a 32-character hexadecimal string. Caution: Do not use xxHash where an adversary
While MD5 is still ubiquitous, it is considered cryptographically dead. You cannot rely on it to verify that a file hasn't been maliciously altered by an attacker. However, it is still safe to use for accidental corruption detection (e.g., a bit flip during a hard drive transfer).
xxHash is a non-cryptographic hash algorithm family created by Yann Collet. It is designed primarily for speed. The most common variants are xxHash32 and xxHash64. xxHash is faster than even CRC32 in many
start = time.time() xxh_hash = xxhash.xxh64(data).hexdigest() xxh_time = time.time() - start print(f"xxHash: xxh_hash in xxh_time:.2f seconds")
print(f"Speedup: md5_time / xxh_time:.2fx")
Expected Output:
MD5: c8c7e8f1c9a1b2c3d4e5f6a7b8c9d0e1 in 4.20 seconds
xxHash: e3b0c44298fc1c14 in 0.18 seconds
Speedup: 23.33x