Is there an alternate hashing algorithm to MD5 for FIPS-enabled systems?

Question

Whenever I try to use MD5 on a Windows XP machine that has FIPS enabled, I am getting a System.InvalidOperationException.

Is there an alternate algorith

Answer 1

When you enforce FIPS compliance in the Windows security policy settings, you're asserting that you are only going to use FIPS-certified encryption and hashing algorithms. MD5 is not one of these approved hashing algorithms, and that's why the exception is being thrown.

The workaround is simple: choose a different hashing algorithm. The .NET Framework provides plenty of other options in the System.Security.Cryptography namespace. Select one of the SHA family of algorithms. I can't imagine any reason you would have to use MD5 as opposed to one of the alternatives.