On Mon, Jul 16, 2012 at 12:04 PM, Rob Weir <[email protected]> wrote: > or verifying the MD5 hashes.
SHA1 :) ---- In 2004, more serious flaws were discovered in MD5, making further use of the algorithm for security purposes questionable—specifically, a group of researchers described how to create a pair of files that share the same MD5 checksum.[4][5] Further advances were made in breaking MD5 in 2005, 2006, and 2007.[6] In December 2008, a group of researchers used this technique to fake SSL certificate validity,[7][8] and US-CERT now says that MD5 "should be considered cryptographically broken and unsuitable for further use."[9] and most U.S. government applications now require the SHA-2 family of hash functions ---- http://en.wikipedia.org/wiki/MD5 FC
