I think hashing your sequence twice with different salt suffixes will make it much stronger, if not unbreakable for the next decade. Or am I missing something?
So, for input sequence t a better hash can be computed as
md5(md5(t + salt1) + salt2)
Once computers get more powerful just add one more step with saltN, and so on.
Upd: length of t can be included in calculation as well.
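Added example, not part of the comment above: in a Merkle-Damgård hash such as MD5, two equal-length, block-aligned inputs that reach the same internal state keep colliding when a common suffix is appended, and appending a suffix is exactly what the suffix-salt construction does. The sketch uses a toy hash (MD5 truncated to 24 bits as the compression function, so a collision is found quickly). `toy_hash`, the salts and all parameters are assumptions made for illustration.

```python
import hashlib

BLOCK, STATE = 8, 3          # toy parameters (assumed): 8-byte blocks, 24-bit state
IV = b"\x00" * STATE

def compress(state, block):
    """Deliberately weak compression function: MD5 truncated to 24 bits."""
    return hashlib.md5(state + block).digest()[:STATE]

def toy_hash(msg):
    """Merkle-Damgard iteration with length padding (the construction MD5 is built on)."""
    padded = msg + b"\x80" + b"\x00" * ((-len(msg) - 1) % BLOCK)
    padded += len(msg).to_bytes(BLOCK, "big")
    state = IV
    for i in range(0, len(padded), BLOCK):
        state = compress(state, padded[i:i + BLOCK])
    return state

def find_collision():
    """Birthday search: two distinct one-block messages with the same state."""
    seen = {}
    i = 0
    while True:
        block = i.to_bytes(BLOCK, "big")
        state = compress(IV, block)
        if state in seen:
            return seen[state], block
        seen[state] = block
        i += 1

def suffix_salted(t, salt1=b"salt-one", salt2=b"salt-two"):
    """hash(hash(t + len(t) + salt1) + salt2), the scheme proposed above."""
    inner = toy_hash(t + len(t).to_bytes(4, "big") + salt1)
    return toy_hash(inner + salt2)

def prefix_salted(t, salt=b"salt-one"):
    """Salt first: changes the state the colliding blocks are fed into.
    This only invalidates collisions computed before the salt was known."""
    return toy_hash(salt + t)

if __name__ == "__main__":
    a, b = find_collision()
    print(a.hex(), b.hex(), toy_hash(a).hex())
    print("suffix-salted equal:", suffix_salted(a) == suffix_salted(b))
    print("prefix-salted equal:", prefix_salted(a) == prefix_salted(b))
```

Adding further suffix-salt rounds does not change the result, because the inner digests are already equal after the first round.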
If you can create matching hash pairs at will, the interesting attack in binaries is to distribute one that acquires a trusted reputation under the shared hash, then at a later date replace it with the problem one.
Not too bad of a risk if diverse hashes are often used and people promptly move away from any hashes that demonstrate collisions; could be a nasty surprise if the collision is privately discovered and sprung at an inopportune moment, or people keep trusting an older hash after collisions start appearing in the wild.
RSA Security as early as 1996 was recommending against MD5 in situations where collision-resistance was important, because research had started to show weaknesses in its family of hashes. [1]
BitTorrent does use SHA1 (last I checked -- it's been a while). Recently, SHA1 has been shown to have problems, indicating that its collision-resistance isn't as strong as its design target, and might yield to demonstrated collisions soon. [2]
So BitTorrent may want to plan for a transition to new hashes sometime in the next couple of years. Possibilities for a next-few-decades hash could include SHA256/SHA384/SHA512, Whirlpool, or the to-be-determined winner of the upcoming NIST hash competition (like the one that chose AES). [3]
Probably better to use SHA-1 and MD5 together; that way, even if both are broken, it is very unlikely that an evil person will be able to create a fake file that has the same SHA-1 AND MD5 hash as the real file.