Geoffrey Spear wrote: >How confident are we that MD5 doesn't have collisions between >"FOR".$somehash and "AGAINST".$someotherhash?
It does inherently have collisions, and there's a known attack that has demonstrated actual instances of collision (though not with meaningful strings yet). The next generation of hash algorithms should arrive in the next year or so. Until then, attacks can be practically deterred by using SHA-512. -zefram
