Re: what is probability to create two equal hashes for md5 algorithm



"Mike Amling" <spamonly@xxxxxxxxxxx> wrote in message
news:el7f87$ln0@xxxxxxxxxxxxxxxxxxxxxxxxxx
Those are pretty high probabilities. I presume you intended to type
2^-64 and 2^-80, but the in the scenario you describe, the probability of
a pair of random inputs producing the same output, the probabilities are
2^-128 and 2^-160.
You can expect approximately one collision among 2^64 (resp. 2^80)
different inputs, because that many messages generates 2^128 (resp. 2^160)
pairs.

I'll disagree. What we have here is a large pool of outputs, this is the
birthday paradox case, this is where I got my numbers. I'll admit I gave
pessimistic numbers, but if 2^-80 is a pessimistically high probability it's
a good day.


(that is, if those hash functions
indeed exhibit the right properties --- at the very least, it makes
sense to make that assumption to simplify the reasoning)

It is expected that for the uniform distribution requirement for this, so
far I'm not aware of any research indicating that any of the MD5/SHA series
has any significantly low probability paths, and I certainly haven't found
any. With as much as these have been examined I would expect that such
differentials would be high priority.
Joe


.