CNG, CryptoServiceProvider and Managed implementations of HashAlgorithm

Question

So I was wondering if there are any major differences between the various implementations of the hash algorithms, take the SHA series of algorithms for example. All of them

Answer 1

One difference is that the native versions (at least some of them) are FIPS-certified (i.e., approved by the US government), whereas the managed ones are not. If your code happens to be running on a Windows machine that has been configured as "FIPS only", attempts to use the managed versions will fail.

Most Windows machines are not configured in that way, but if you're deploying to a government- or defense-oriented (or other highly secure) environment you may run into this situation.

See http://blogs.msdn.com/shawnfa/archive/2005/05/16/417975.aspx.