unmanaged wrote:

If you want some more in-depth reading jump on over here...

MD5 To Be Considered Harmful Someday:
From Dan Kaminsky, a senior Senior Security Consultant for Avaya, and a part of the DoxPara Research team...

http://www.doxpara.com/md5_someday.pdf
http://www.doxpara.com/research/md5/...ful-slides.pdf
http://www.doxpara.com/research/md5/confoo.pl

Stach & Liu have some well document information on MD4/5 Collisions...
http://www.stachliu.com.nyud.net:809...ollisions.html

We live in a world that has to much "security via obscurity" or a "don't ask don't" tell policy on security problems...

Even back in 2005 MS and Big Bill's Boys banned the use of DES/MD4/MD5 on their projects, but even SHA1 and other systems they have chosen are still looking to be prone to attack.

I dug up a little info for this reply to someone... Can anyone provide some more input on the problems with MD5

You've pretty much covered it. Although rainbow tables of the sort Freakn describes can be created (and have) for simple values hashed with any hash, MD5 in particular was shown to have a flawn which made it easier to find two values which would hash to the same result. This problem was enough for people to being moving away from it's use, and there is now an NIST effort to come up with new hash algorithms as SHA-1 has also been attacked. The current best practice is to use SHA-512, but this is shacky ground presently.

RE: Just how secure is MD5?