In a paper [PDF] published in time for a cryptography conference in Silicon Valley this week, the authors from French research institute INRIA note that while MD5 (and its successor SHA1) are being phased out, they continue to be used in “mainstream protocols” like TLS, IKE, and SSH.

This is not exactly news, but the assumption has always been that its continued use doesn’t compromise security due to “pre-image resistance,” meaning it would require far too much computational power to crack. The paper argues this isn’t true and you could crack a code in an hour (given a powerful server) and use it to impersonate an end user – i.e., break into a system.

Source: The sloth is coming! Quick, get MD5 out of our internet protocols