Problem
The MD5 digest used in Elgg secret tokens to protect against CSRF attacks is what is known as a hash function. A good hash function H has the property that it should be resistant to collisions, ie, it is difficult to find two inputs, x1 and x2, such that H(x1)=H(x2). What is the advantage of using a hash function in the secret token approach to preventing CSRF attacks?