HACKER Q&A
📣 EGreg

Is MD5 still resistant to second-preimage attacks?


MD5 and SHA1 have been considered "broken", but as far as I can tell, all people have been able to do is create some pairs that hash to the same value. However, is MD5 still "irreversible", in the sense that, given an image, it's not computationally feasible to find a preimage? Or with rainbow tables, we can now do it for some significant class of images?

In case someone is wondering, I'm using MD5 to hash email addresses to a primary key field. I understand that hashing phone numbers can be reversible since the domain is too small. I also understand that people who know the email can find out the user it corresponds to. But those who don't know the email can't reverse the hash unless they try a bunch of emails.


  👤 MobiusHorizons Accepted Answer ✓
Let me pose an alternate question. What is your reason for using MD5 for this? Even if it is not currently possible to reverse the hash (I believe the key space is too large to feasibly break), it may become vulnerable in the future.

If you want a fast one-way hash, why not use something like an HMAC with a secret key?
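The following is an added example, not code from anyone in this thread. It illustrates two points made above: the question's remark that hashing phone numbers is reversible because the domain is small (an attacker simply hashes every candidate and compares, and this works for any unkeyed hash, SHA-256 included), and the accepted answer's suggestion of an HMAC with a secret key, under which the same enumeration fails without the key. The phone number, the email list, the hard-coded key and the `PseudonymousUserTable` class are all constructed for illustration; only `hashlib` and `hmac` from the standard library are real.

```python
import hashlib
import hmac
import itertools
from typing import Callable, Dict, Iterable, Optional

# Constructed key for the example. In a real deployment it would come from a
# secrets manager or KMS and never be stored next to the pseudonymized table.
SECRET_KEY = b"example-key-keep-this-out-of-the-database"

# Constructed "breach corpus" an attacker might try against an MD5 table.
LEAKED_EMAILS = ["alice@example.com", "bob@example.com", "carol@example.net"]


def md5_pseudonym(identifier: str) -> str:
    """Unkeyed MD5, as in the question. Anyone can recompute it for any guess."""
    return hashlib.md5(identifier.encode("utf-8")).hexdigest()


def hmac_pseudonym(identifier: str, key: bytes) -> str:
    """Keyed pseudonym, as the accepted answer suggests. Guesses cannot be
    verified without `key`, so a small input domain no longer helps the attacker."""
    return hmac.new(key, identifier.encode("utf-8"), hashlib.sha256).hexdigest()


def normalize_email(email: str) -> str:
    """Canonicalize before hashing so 'Bob@Example.com ' and 'bob@example.com'
    map to the same primary key."""
    return email.strip().lower()


def enumerate_phones(prefix: str, suffix_digits: int) -> Iterable[str]:
    """All numbers sharing `prefix`; the attacker's candidate domain."""
    for tail in itertools.product("0123456789", repeat=suffix_digits):
        yield prefix + "".join(tail)


def recover_by_enumeration(target: str, candidates: Iterable[str],
                           pseudonym: Callable[[str], str]) -> Optional[str]:
    """Generic brute-force / dictionary attack: hash every candidate and compare.
    It needs no weakness in the hash function, only a small or guessable domain."""
    for cand in candidates:
        if pseudonym(cand) == target:
            return cand
    return None


def attack_phone() -> tuple:
    """Attacker knows area code + exchange (6 digits, constructed) and enumerates
    the 4-digit line number: 10**4 guesses. The full 10-digit space is only 10**10,
    still trivial offline, so the domain, not MD5, is the weakness."""
    phone = "2125550142"  # constructed, not a real subscriber
    stored_md5 = md5_pseudonym(phone)
    stored_hmac = hmac_pseudonym(phone, SECRET_KEY)
    md5_hit = recover_by_enumeration(stored_md5, enumerate_phones("212555", 4), md5_pseudonym)
    # Best effort without the real key: run the same enumeration under a guessed key.
    guessed_key = b"attacker-guess"
    hmac_miss = recover_by_enumeration(stored_hmac, enumerate_phones("212555", 4),
                                       lambda s: hmac_pseudonym(s, guessed_key))
    return md5_hit, hmac_miss


def attack_email_with_corpus() -> Optional[str]:
    """The 'try a bunch of emails' case from the question: an MD5 table is a
    lookup table for anyone holding a list of candidate addresses."""
    stored_md5 = md5_pseudonym("bob@example.com")
    return recover_by_enumeration(stored_md5, LEAKED_EMAILS, md5_pseudonym)


class PseudonymousUserTable:
    """Hypothetical in-memory stand-in for a table whose primary key is
    HMAC(normalized email). Only holders of the key can compute a lookup key."""

    def __init__(self, key: bytes) -> None:
        self._key = key
        self._rows: Dict[str, dict] = {}

    def key_for(self, email: str) -> str:
        return hmac_pseudonym(normalize_email(email), self._key)

    def insert(self, email: str, record: dict) -> str:
        pk = self.key_for(email)
        self._rows[pk] = record
        return pk

    def lookup(self, email: str) -> Optional[dict]:
        return self._rows.get(self.key_for(email))


if __name__ == "__main__":
    print("MD5 phone recovered:", attack_phone())
    print("MD5 email recovered:", attack_email_with_corpus())
    table = PseudonymousUserTable(SECRET_KEY)
    table.insert("bob@example.com", {"name": "Bob"})
    print("keyed lookup:", table.lookup("  Bob@Example.com "))
```

Two caveats follow from the design rather than from the thread. The key must live outside the database: a dump that contains both the table and the key is exactly as enumerable as the MD5 table was. And rotating the key changes every pseudonym, which is awkward when the pseudonym is the primary key rather than a separate indexed column.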


👤 dingosity
no.