http://www.c0t0d0s0.org/archives/6349-Perceived-Risk.html
Sorry, this is all bunk. You shouldn't be worried about an accidental collision. You should be worried about an intentional collision. Especially if your filesystem stores data that is under the attackers control such as email messages, web page caches, etc. So what you need to analyze isn't how often an accidental collision happens but how hard it is to create an intentional collision. All the popular hash algorithms have been losing ground to attackers lately. The simple solution is to use a keyed hash rather than an unkeyed one and keep the key secret from potential attackers. Tim Newsham | www.thenewsh.com/~newsham | thenewsh.blogspot.com
