Ed Felten has been blogging on the partial “cracks” (collisions) found in the MD5 and SHA-1 hash functions that are being reported at Crypto 2004.
Felten’s brief analysis:
Where does this leave us? MD5 is fatally wounded; its use will be phased out. SHA-1 is still alive but the vultures are circling. A gradual transition away from SHA-1 will now start. The first stage will be a debate about alternatives, leading (I hope) to a consensus among practicing cryptographers about what the substitute will be.
Note to self: design my systems so it’s possible to update crypto algorithms in all my legacy data, should the need arise.
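One way to act on that note, as an added example that is not part of the original post: store every digest with its algorithm name attached, keep verifying old MD5/SHA-1 records, and re-hash them with the current algorithm as soon as they verify. The `<alg>:<hex>` format, the function names and the choice of SHA-256 as the preferred algorithm are assumptions made for this sketch.

```python
import hashlib
import hmac

PREFERRED = "sha256"                        # assumption: current policy choice
DEPRECATED = {"md5", "sha1"}                # may be verified, never newly written
LEGACY_BY_LENGTH = {32: "md5", 40: "sha1"}  # untagged hex digests in old records


def make_digest(data: bytes, alg: str = PREFERRED) -> str:
    """Return a self-describing digest string '<alg>:<hex>'."""
    if alg != PREFERRED:
        raise ValueError(f"refusing to write a new {alg} digest")
    return f"{alg}:{hashlib.new(alg, data).hexdigest()}"


def parse_digest(stored: str) -> tuple[str, str]:
    """Split a stored digest into (alg, hex); infer alg for untagged legacy values."""
    if ":" in stored:
        alg, hexval = stored.split(":", 1)
    else:
        # Without a tag the only clue is the length, which is the trap to avoid.
        alg, hexval = LEGACY_BY_LENGTH.get(len(stored)), stored
    if alg != PREFERRED and alg not in DEPRECATED:
        raise ValueError(f"digest algorithm not allowed by policy: {alg!r}")
    return alg, hexval.lower()


def verify_and_upgrade(data: bytes, stored: str) -> tuple[bool, str]:
    """Check data against stored; return (ok, digest that should be stored now)."""
    alg, hexval = parse_digest(stored)
    actual = hashlib.new(alg, data).hexdigest()
    if not hmac.compare_digest(actual.encode(), hexval.encode()):
        return False, stored          # mismatch: never overwrite the evidence
    if alg == PREFERRED:
        return True, stored
    return True, make_digest(data)    # verified under an old hash: upgrade it


if __name__ == "__main__":
    record = b"constructed sample record"          # constructed test data
    legacy = hashlib.md5(record).hexdigest()       # untagged legacy MD5 digest
    print(verify_and_upgrade(record, legacy))
```

An upgraded digest is only as trustworthy as the data was when it was re-hashed, so a migration like this is best run while the old algorithm is weakened rather than after it has been broken outright.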