Actually, just with MD5 (a one-way hash function) you get no security! Say, you have a message to send securely. You compute MD5 of the message, append it with the message and send it. THe message can be read by any one who can access the physical network. The same person can also modify the message, compute the MD5 of the modified message and replace the original MD5 with this. SO there is no gurantee of integrity. As MD5 says nothing about the identity of the sender or receiver, you don't get authentication. So, just with MD5 you get no security!