hash = md5(salt + 'xyzzy')
hash = md5('xyzzy' + salt)mind: point taken about md5 being 'good enough' for your purposes. yes, sha1 is cryptographically broken, move to sha512/sha256 ("sha2").
however i will add.. your handwaving example of using
hash = md5(s . 'xyzzy')
to overcome a malicious party who wants to cause collisions is not going to work. appending the same thing to two messages that hash the same will yield two new messages that hash the same. in fact, this is what makes it so easy to create arbitrary messages which hash to the same thing (it does not require a "sophisticated attacker" at all)
Folks sometimes say MD5 is "overkill" for a lot of these applications. But it's good, cheap, strong, and it works. It's not going to cause you problems if you use it. You're not going to ever have to debug it or second guess it. If you have perf problems, and suspect MD5, and then go profile your code, it's not going to be MD5 that's causing your problems. You're going to find that it was something else.
But if you feel you absolutely must leave the path and look for some faster hashes, check out Bob Jenkins' site. [Also see the Hsieh hash, it looks very good.]
About as fast as your disk or network transfer rate.
Algorithm Size MB/s
MD4 128 165.0
MD5 128 98.8
SHA-1 160 58.9
These are 2004 numbers from the perl Digest implementation.