Certified Ethical Hacker (CEH) Practice Exam

MD5 is considered obsolete primarily because it has known vulnerabilities that can be exploited. Specifically, researchers have identified various weaknesses in the MD5 algorithm, including its susceptibility to collision attacks. A collision occurs when two different inputs produce the same hash output, which can undermine the integrity of data verification processes. Attackers can take advantage of these vulnerabilities to forge signatures or manipulate data without detection. As a result of these identified vulnerabilities, the use of MD5 for cryptographic purposes—such as creating digital signatures or verifying the integrity of files—is strongly discouraged in favor of more robust hashing algorithms, like SHA-256, which provide enhanced security features and resistance against these types of attacks. The other options do not accurately capture the primary reason MD5 is considered obsolete. The hashing algorithm does not specifically have slow processing times compared to other hashing methods, does not require very large keys (as it operates on fixed-size messages and produces a 128-bit hash), and is not classified as a symmetric encryption method; MD5 is a hashing algorithm rather than an encryption algorithm. Thus, the recognition of its vulnerabilities is the key factor leading to its obsolescence.