My understanding is that there's a workable crack/spoof for MD5 out there. This is why MAME went with SHA1 after initially flirting with MD5.

That said, it's pretty unlikely you could come up with a file that spoofs *both* CRC32 and MD5.

Last edited by R. Belmont; 06/29/07 02:46 AM.