note Anonymous Monk <blockquote><i>While it might be amusing to watch people run around in panic over this, I wish they'd stop. They've been told for years that they should avoid MD5; I'm just surprised this discovery wasn't made sooner.</i></blockquote> Hear, hear. <blockquote><i>Also, I'm not sure on this point, but I don't think SHA-512 adds any security over SHA-1. It increases the size of the bitstream, which is useful for some applications, but finding collisions would take the same amount of time.</i></blockquote> Not sure I follow you here. If the best possible collision-finding attack is brute force, shouldn't a longer output translate directly to more work? Are you suggesting that there is a better-than-brute-force attack against SHA-512? I'd have to say that it seems likely that one will be discovered someday. This MD5 discovery shows how much we still have to learn about constructing hash functions. 386193 386351 4