Hashing is used to quickly transform a variable-length
No. To protect the integrity of data, you need to use a Message Authentication Code (MAC) algorithm like HMAC (RFC 2104) or KMAC (NIST SP 800-185) or even SipHash (which is optimized for short messages).
Short answer: No. It has been broken by Marc Stevens et al.
Long answer: its collision resistance has been broken. Meaning that it can still be used in algorithms like HMAC where collision resistance is not required.
No. RFC 6151 gives more explanations as to why MD5 should not be used. Its collision resistance has been completely broken, and it provides very little second pre-image resistance (264)
No. In theory, if the original input is "random enough", nobody should be able to find a different input such that
MD5(input2) = MD5(input1). This property is called "second pre-image resistance". MD5 is only broken for collision resistance. Nonetheless, we still consider MD5 to be cryptographically broken, and it should not be used in any applications.
Yes, if you use it correctly. Meaning that you do not use it to hash secrets. Hashing secrets (to protect the integrity of a message for example) can be subject to length-extension attacks.
No. Hashing functions are quite fast in practice, which allow attackers to test millions of combinations per seconds. To store passwords, password hash functions are necessary as they are slower and prevent specialized hardware to optimize brute-forcing of hashed passwords. Argon2 (winner of the password hashing competition) should be used.
You should not hash secrets if you use an old hash algorithm like SHA-2, as it is vulnerable to length-extension attacks.
You can hash secrets if you use an algorithm like SHA-3 or BLAKE2.
cryptographically secure? ==
It depends. If the "key" part of the "key-value"s is user-controlled, then denial-of-service attacks exist where users spam a service with multiple "keys" that will collide under the hash function used in the hash table implementation. For this reason, many languages (like Golang) and system (like the Linux kernel) will randomize their hash function using randomness and cryptographic algorithms like SipHash. Some others (like Ocaml) requires you to opt-in in order to secure a hash table via additional entropy.
It depends. If the way you hash a structure is ambiguous, for example because some fields have variable length, then you might be in trouble.
In order to prevent different structures to hash to the same value, delimiters must be put in place. This can be done by using the TLV concept (Tag-Length-Value) where each value is preceded by its length and optionally its type. Standards like TupleHash exist to do this efficiently.