Chris Haynes writes:
I understand MD-5 has been shown to have serious flaws,
cryptographically-speaking. I've seen a quote from its author, Ron Rivest
(URL
below) , advising people not to use it any more.
There has recently been published a paper suggesting that SHA-1 also,
theoretically, has a similar collision susceptibility. The same article
says
that NIST have declared that they are generating a plan to phase out SHA-1 in
favour of SHA-256 over the next few years because of this risk.
If you're trying to protect diplomatic communications or major
financial transactions, you might worry about these flaws.
However, if you're just trying to cut down on spam or phishing, MD5 or
SHA-1 will do just fine.
For comparison, consider paper mail. The overwhelming majority of
business is conducted with no more protection than a paper envelope,
which has known flaws (easily steamed open and resealed, or simply
torn open, or damaged/destroyed in transit, etc.)
Using current email is like using postcards. MD5 and SHA-1 are both a
lot safer than a sealed paper envelope. They might not quite match up
to using an armed courier carrying a locked satchel, but who cares?
--
Dick St.Peters, stpeters(_at_)NetHeaven(_dot_)com