MD5 collision risk
 

Suppose someone comes up with 2 different data files that would collide in their MD5 hash. What is the chance that for a given arbitrary string, these 2 different data files appended to that string (e.g. the string is first) will also collide in their MD5 hash?

Where this fails:
but these get the same results:
what chance for these to get the same results:
or these:
or these:
or even these:
The idea here is if you have a system where files are being provided by people, where some suspect you manage the files by MD5 hash, and have an interest in creating a collision, and manage to create a bogus file with the same MD5 hash as another one ... could a secret salt file being added to the file before hashing be expected to reasonably obscure the hashing?

Or you could use both MD5 and SHA1 sums

Do you mean you're using the MD5 as a unique identifier for the files?

If the additional string is at the end and the original files were a multiple of 512 bits then the collision will still exist.

If you are aiming to use additional (secret) information for message authentication then use HMAC http://www.ietf.org/rfc/rfc2104.txt

This shouldn't be too hard to verify. Googling "md5 collisions" yields this page:
http://www.mathstat.dal.ca/~selinger/md5collision/

It's got two distinct strings that yield the same MD5 sum. You could try appending a 512-bit string to each and see if the collision happens.