MD5 is a cryptographic hash function. For some applications, such things can cause problems if they are found to not have a property called “collision resistance”. MD5 is known to have very poor collision resistance.

When MD5 was first discovered to have poor collision resistance it was widely recommended to switch away from MD5 for all applications, even those that were not affected. It was generally assumed that MD5 would be soon discovered to be unsuitable for more classes of applications. Many programs were switched away from MD5 at great cost in time, resources and in many cases compatibility.

The suggested hash function was called SHA-1. Ten years later SHA-1 was also found to have poor collision resistance. So how much trouble would you be in today (2020) if you had of just ignored everyone and kept using MD5 for an application that did not need collision resistance?

None at all.

The moral here is that sometimes when a long term project like, say, GnuPG does not immediately react to a perceived but currently theoretical threat they are not being stupid or stubborn but are simply being wise.

Another possible lesson is that predicting the future is hard, particularly when it comes to something like cryptography. Such predictions should be viewed with skepticism.

PGP FAN index