Comment 4 for bug 1348339

Revision history for this message
Robert Clark (robert-clark) wrote :

@Jeremy there are more issues than just collisions in MD5, for a start the search space for an MD5 hash is completely tractable due to rainbow tables, pre-image attacks are also theoretically possible in addition to the collisions you describe.

In summary, it's appropriate to use MD5 for corruption checks where there's no possibility of malicious attempts to breach file integrity but this is rarely the case and SHA hashes should probably just replace md5 across the board.