I had a funny argument with a friend the other day about the MD5 hashing algorithm. The argument was that it had been heard that MD5 is not vulnerable to collisions. Anyone having doubts can see the great examples provided by x-ways.net (creators of WinHex) and the relevant paper.
In case the site goes dead here is an example they have:
Input vector 1:

d1 31 dd 02 c5 e6 ee c4 69 3d 9a 06 98 af f9 5c
2f ca b5 87 12 46 7e ab 40 04 58 3e b8 fb 7f 89
55 ad 34 06 09 f4 b3 02 83 e4 88 83 25 71 41 5a
08 51 25 e8 f7 cd c9 9f d9 1d bd f2 80 37 3c 5b
d8 82 3e 31 56 34 8f 5b ae 6d ac d4 36 c9 19 c6
dd 53 e2 b4 87 da 03 fd 02 39 63 06 d2 48 cd a0
e9 9f 33 42 0f 57 7e e8 ce 54 b6 70 80 a8 0d 1e
c6 98 21 bc b6 a8 83 93 96 f9 65 2b 6f f7 2a 70

Input vector 2:

d1 31 dd 02 c5 e6 ee c4 69 3d 9a 06 98 af f9 5c
2f ca b5 07 12 46 7e ab 40 04 58 3e b8 fb 7f 89
55 ad 34 06 09 f4 b3 02 83 e4 88 83 25 f1 41 5a
08 51 25 e8 f7 cd c9 9f d9 1d bd 72 80 37 3c 5b
d8 82 3e 31 56 34 8f 5b ae 6d ac d4 36 c9 19 c6
dd 53 e2 34 87 da 03 fd 02 39 63 06 d2 48 cd a0
e9 9f 33 42 0f 57 7e e8 ce 54 b6 70 80 28 0d 1e
c6 98 21 bc b6 a8 83 93 96 f9 65 ab 6f f7 2a 70
Identical MD5 value, verified with WinHex: 79054025255fb1a26e4bc422aef54eb4

If you were to put theses two hex values into a file (with a Hex Editor) and then through a MD5 hashing function and a SHA-1 hashing function you can see that MD5 produces the same result were as SHA-1 produces a different one. What is interesting is the amount of changes made. Very few. Is it doctored? I think not! Game over! ...sorry if I am re-iterating an old issue, but like the media many time people need to hear about certain issues. Especially digital forensic analysts who rely upon these values for integrity and in their comparison functions.

MD5 hashing algorithm is dead, get over it! Long live the next one!! ...or as long as you can that is!
Links Used:
[1] MD5 Collision - http://www.x-ways.net/md5collision.html