About the "hash algorithm collision", please see #2011-003 multiple implementations denial-of-service via hash algorithm collision