Hacker News

SHAttered is a collision attack on SHA-1, not a pre-image attack. There is no known pre-image attack for SHA-1.



Yet. We get closer every time a new vulnerability is discovered.


> Yet. We get closer every time a new vulnerability is discovered.

Skipjack is the famous counterexample to this: it's been broken up to 31 rounds, but specified usage mandates 32 rounds. Skipjack was given immense scrutiny due to the NSA's role in its design, and we're no closer to a full-round break of it than we were in 1999.


Even that is only theoretical; it's not a practical attack.


MD5 even still has pre-image resistance. A practical preimage attack would indicate something even more serious was overlooked with a design of a hash function. A practical attack would mean you could reverse the value of what produced the hash, by just using the hash.

Only seriously lousy cryptographic hash functions would have bad preimage resistance. Heck, even the pigeonhole principle makes this aspect of design easier for a hash function. If a widely used hash function somehow had a practical preimage attack, I would be more concerned about our process of standardizing algorithms.


Collision attacks can still be useful in an attack tree.



