As you are probably aware, researchers have successfully attacked MD5 and SHA-1, the two most commonly used cryptographic hash functions. It’s no longer advisable to use them in applications such as digital signatures, although some other applications, such as hashed message authentication codes, aren’t affected. The attacks have triggered a kind of feeding frenzy in the cryptographic community; many researchers are now working on hash function and we can expect new results in this area for the next several years. What are US National Institute of Standards and Technology’s (NIST’s) plans for SHA-1 and hash functions in general? Read about this at IEEE Security & Privacy Magazine, March/April 2006 issue (Vol. 4, No. 2), ISSN: 1540-7993. It is here (requires subscription).