To have a clear understanding of the difference between MD5 and SHA we have to discuss them separately. The SHA is nothing but a group of cryptographic hash functions that is published by none other than NIST( National Institute of Standard and Technology).
Now there are various versions of SHA and they can be listed as follows.
SHA -0 is nothing but a retronym that is used to name the very old version of the 160 bit has application, this was published way back in the year 1993 and was named SHA. However this was discontinued within a very short time as it was rumored to have a flaw.
SHA-1resembled an earlier MD5 algorithm and this was put together by the NSA to be included in the DSA ( Digital signature algorithm). The weaknesses in the Cryptographic were soon discovered in this version and so this was no longer approved.
SHA2 is a group of two hash functions that are very similar to one another and has two different sizes of blocs SHA-512 and SHA- 256. These are very different in terms of word size. The SHA 256 utilizes 32 bit words and the SHA512 utilizes words that are 64 bits. There are also certain truncated versions such as the SHA 384 and SHA 224. These are also put together by the NSA.
On the other hand MD5 is a function that has many uses not just one. This is basically used to run a check on the files that are downloaded. This is also used to generate hash for the user data and is used for the purpose of authentication for checking the integrity messages and various other data.
MD5 generators may also be on the net to add encryption for the various user details like passwords and usernames. The generated hashes can sometimes be compared to the hashes that are also stored just to make sure that all the details are entered properly. These hashes cannot be changed so it means that when you enter a value you cannot go back to the previous value. MD5 also make strong validation functions. Let us say that hashes that are generated to verify if a file is complete, free from corruption and has not been altered in any way. However this does not guarantee that a file is exactly what a supplier claims it to be. Since the supplier provided the has that has been generated and the particular file in question, this can be used to make sure that whole file is sent with all of its content.
However MD5 has its set of weaknesses and should be refrained from being used in critical applications where security should be very high. However in most situations that require hash functions MD5 is said to be the best possible solution.
So by now you have understood the difference between MD5 and SHA and so try to follow the tips in this article and you shall have no trouble in using the best hash function.