The Security of MD5 Hash for 128-bit Keys
Collisions are not useful in this case. You need a pre-image attack that can find the correct input that was used to generate the hash. An alternate input that creates a collision is still not the correct key, and won’t decrypt the data. Finding the correct 128-bit random input is not feasible, even with MD5.