Quote Originally Posted by oofki
I've heard the same thing, ildjarn, but I think that was just a rumor; I don't think it was confirmed. As far as MD5 goes, it is a great algo, but since rainbow tables were introduced it is not as secure. Same with any hash really: rainbow tables can be made which can make the stored password useless if the hash is obtained.

Edit: I looked into that Chinese thing and I think all they found is a way to produce MD5 collisions, which is not really a big deal; any irreversible algo has collisions AFAIK.
Any hashing function that returns a fixed-size string will of course have collisions: finite amount of output, infinite amount of input. It is the strength of the function that makes it difficult to find these collisions and limits their number as best it can; however, when you can start to predict these collisions it is safe to say the hash has been broken. Go look at Linux distro download sites: what do they use to validate an ISO? MD5. Now that we can predict collisions we can theoretically create two ISOs with the same hash but very different data, let's say a logging method attached to the PAM modules. It is also not just ISOs; many applications use MD5 to ensure the validity of their binaries, and what of Tripwire, can we trust it anymore? While I'm sure a preimage attack is a long way off, as I said in my previous post, seeing a Cell processor churn out 1.8 billion hashes a second, MD5 is as good as broken (well, in mine and many other security experts' eyes).
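The rainbow-table point in the quoted post comes down to one property: an unsalted hash of a given password is the same everywhere, so one precomputed table serves every stolen hash. The example below (added here, not code from either poster) builds a small precomputed lookup table over a constructed word list, shows that it recovers an unsalted MD5 immediately, and shows that a per-user random salt makes the same table useless. The word list, the salt length and the function names are assumptions for illustration; the hashing itself uses only Python's standard `hashlib`, `hmac` and `os`.

```python
import hashlib
import hmac
import os

# Constructed word list standing in for the dictionary an attacker would precompute.
WORDLIST = ["password", "letmein", "hunter2", "qwerty", "dragon"]


def unsalted_hash(password: str, algo: str = "md5") -> str:
    """The scheme the quoted post is worried about: hash(password), no salt."""
    return hashlib.new(algo, password.encode()).hexdigest()


def build_table(words, algo: str = "md5") -> dict:
    """Precompute digest -> plaintext for unsalted hashes.

    A real rainbow table is a space/time trade-off on exactly this idea; the
    plain dictionary is enough to show why it works against unsalted hashes.
    """
    return {unsalted_hash(w, algo): w for w in words}


def lookup(table: dict, digest: str):
    """Reverse a stolen digest with the precomputed table; None if not covered."""
    return table.get(digest)


def new_salt(length: int = 16) -> bytes:
    """Random per-user salt (length is an assumption; 16 bytes is common)."""
    return os.urandom(length)


def salted_hash(password: str, salt: bytes, algo: str = "sha256") -> str:
    """Store hash(salt || password) next to the salt, not hash(password).

    The salt is not secret; its job is to make every user's digest unique so no
    table precomputed over WORDLIST matches without redoing the work per salt.
    """
    return hashlib.new(algo, salt + password.encode()).hexdigest()


def verify_salted(password: str, salt: bytes, stored: str, algo: str = "sha256") -> bool:
    """Constant-time comparison of a candidate against the stored salted digest."""
    return hmac.compare_digest(salted_hash(password, salt, algo), stored)


def demo():
    """Returns (recovered, salted_lookup, verified) so the effect can be checked."""
    table = build_table(WORDLIST)
    stolen_unsalted = unsalted_hash("hunter2")          # one table reverses it at once
    recovered = lookup(table, stolen_unsalted)

    salt = new_salt()
    stolen_salted = salted_hash("hunter2", salt)        # same password, but the
    salted_lookup = lookup(table, stolen_salted)        # precomputed table misses
    verified = verify_salted("hunter2", salt, stolen_salted)
    return recovered, salted_lookup, verified


if __name__ == "__main__":
    print(demo())
```

Salting does not fix a weak algorithm; it only removes the "one table fits all" shortcut. For stored passwords the next step is a deliberately slow, memory-hard scheme (the standard library's `hashlib.scrypt` is one option), and for the ISO and binary validation the reply mentions, the fix is a digest with no practical collision attack (SHA-256) plus a signature over it, not a stronger table defence.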