Re: md5 collision

julissa.leones@xxxxxxxxxxxx wrote:

> What encription algorithm should i use for replacing the md5 for
> hasing?I understand that it was release the source code of the
> application that could make md5 collision

The best alternative at present is SHA256. If you want
less than 256 bits of hash, compute SHA256 and truncate
the result.

Note that the ability to produce collision pairs for MD5
is *not* fatal for applications like (1) password hashing
or (2) confirming that downloaded software matches the
official distribution, since both these uses
depend on the difficulty of finding a pre-image
for a specific hash.

Peter Pearson
To get my email address, substitute:
nowhere -> spamcop, invalid -> net