Ars Technica

How do you know when md5 will bite you with collisions?

What about sha1? Is there a way to work out your collision risk based on length of string and hashing function? In general, unless you're specifically tailoring input to produce collisions, collision ...
Ars Technica

Crypto attack that hijacked Windows Update goes mainstream in Amazon Cloud

Underscoring just how broken the widely used MD5 hashing algorithm is, a software engineer racked up just 65 cents in computing fees to replicate the type of attack a powerful nation-state used in ...
Threat Post

Microsoft Details Flame Hash-Collision Attack

The details of the collision attack used by the Flame malware authors to create a forged code-signing certificate for Microsoft code are beginning to emerge, and the company said that the attackers ...
Threat Post

SLOTH Attacks Up Ante on SHA-1, MD5 Deprecation

Researchers have demonstrated new collision attacks against SHA-1 and MD5 implementations in TLS, IKE and SSH. If you’re hanging on to the theory that collision attacks against SHA-1 and MD5 aren’t ...