Q. How reliable is MD5 in light of this new discovery that SSL certificates can be forged backed on MD5 collision?
A. There are different aspects to this:
- It is possible to find another file with different content and with the same MD5 signature, but it is computationally very hard and requires deep technological expertise;
- If somebody uses SHA1 or other more advanced signatures, or SHA1 in combination with MD5, it is impractical to hack it;
- MD5 can still be used for deduplication, since hacking this process is more unlikely than falsifying individual evidence file;
- Since documents are authenticated by litigants and not only by hash values, and since there are many experts and many copies floating around, falsification based on MD5 collision is far-fetched;
- The area is still open to research, since hash signatures are used to analyze emails and other documents where byte-by-byte comparison is not adequate.