This remark has little to do with the topic of the thread, but for what it's worth, SHA2 doesn't belong near SHA1 and MD5 in your list of "merely mix bits with no theoretical basis" category. SHA2 is fine, and may be fine forever. The theory by which people worked out SHA1 collisions is extraordinarily well studied.
And I think it's worth saying: nobody has figured out how to "unmix" MD5 or SHA1: HMAC-SHA1 and HMAC-MD5 are still unbroken.
And I think it's worth saying: nobody has figured out how to "unmix" MD5 or SHA1: HMAC-SHA1 and HMAC-MD5 are still unbroken.