How critical is the particular hash method used to produce the key from the shared secret? Too critical to just specify a particular hash method for fear that it might become compromised (e.g., MD5)? Phil