The worst thing is that this time there is no obvious alternative. I'm not too confident about the SHA-2 family as it's quite similar to SHA-1. The SHA-3 hash (NIST hash competition) will not be chosen until 2012. One solution could be using block cipher-based message authentication codes such as CMAC or PMAC Marti