Does MD5 work cross-platform?

Kailash Nadh wrote:
> On Nov 23, 7:13 pm, Toby A Inkster <usenet200...@tobyinkster.co.uk>
> wrote:
>> Rik Wasmus wrote:
>>> You can't decrypt/decode it though (well, at least not practically).
>> Well, you can't at all, because for any given MD5 hash, there are infinite
>> possible inputs which could have generated it. So even if you manage to
>> find an input which produces that value as its output (which is more or
>> less an enormous brute-force search), you can't be sure that it's the same
>> as the original input.
>>
>> --
>> Toby A Inkster BSc (Hons) ARCS
>> [Geek of HTML/SQL/Perl/PHP/Python/Apache/Linux]
>> [OS: Linux 2.6.17.14-mm-desktop-9mdvsmp, up 1 day, 9 min.]
>>
>> It'll be in the Last Place You Look
>> http://tobyinkster.co.uk/blog/2007/11/21/no2id/
>
>
> Toby, I think you are mistaken.
> In theory, every md5 hash is unique. An md5 hash is bound to a single
> unique input. If a brute-force matches a has, THAT is the original
> input.
>
> Regards,
> Kailash Nadh
> http://kailashnadh.name
>

(Top posting fixed)

Wrong. A MD5 hash results in a 32 byte value. Theoretically there are
a (near) infinite number of hashes which can be resolved to a the same
hash. If it were unique, it would be the best compression algorithm
known to programmers.

And please don't top post. Thanks.


--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

On Nov 26, 4:08 am, Jerry Stuckle <jstuck...@attglobal.net> wrote:
> KailashNadhwrote:
> > On Nov 23, 7:13 pm, Toby A Inkster <usenet200...@tobyinkster.co.uk>
> > wrote:
> >> Rik Wasmus wrote:
> >>> You can't decrypt/decode it though (well, at least not practically).
> >> Well, you can't at all, because for any given MD5 hash, there are infinite
> >> possible inputs which could have generated it. So even if you manage to
> >> find an input which produces that value as its output (which is more or
> >> less an enormous brute-force search), you can't be sure that it's the same
> >> as the original input.
>
> >> --
> >> Toby A Inkster BSc (Hons) ARCS
> >> [Geek of HTML/SQL/Perl/PHP/Python/Apache/Linux]
> >> [OS: Linux 2.6.17.14-mm-desktop-9mdvsmp, up 1 day, 9 min.]
>
> >> It'll be in the Last Place You Look
> >> http://tobyinkster.co.uk/blog/2007/11/21/no2id/
>
> > Toby, I think you are mistaken.
> > In theory, every md5 hash is unique. An md5 hash is bound to a single
> > unique input. If a brute-force matches a has, THAT is the original
> > input.
> >
> > Regards,
> >KailashNadh
> >http://kailashnadh.name
> >
>
> (Top posting fixed)
>
> Wrong. A MD5 hash results in a 32 byte value. Theoretically there are
> a (near) infinite number of hashes which can be resolved to a the same
> hash. If it were unique, it would be the best compression algorithm
> known to programmers.
>
> And please don't top post. Thanks.
>
> --
> ==================
> Remove the "x" from my email address
> Jerry Stuckle
> JDS Computer Training Corp.
> jstuck...@attglobal.net
> ==================

Ah, my mistake.

Regards,
Kailash Nadh
http://kailashnadh.name

Kailash Nadh wrote:

> In theory, every md5 hash is unique. An md5 hash is bound to a single
> unique input. If a brute-force matches a has, THAT is the original
> input.

As everyone else has pointed out, MD5s are not unique. Here's a thought
experiment which proves it.

An MD5 is a 128-bit number. Thus there are 2^128 possible MD5 outputs.

If we consider all possible files of length 17 bytes (136 bits), then
you'll notice that there are 2^136 possible MD5 inputs.

Now, (2^136)/(2^128) = 2^8 = 256. Which means that for every MD5 input,
there are (on average) 256 different files of length 17 bytes which can
produce that result.

And that's just collisions with files of length 17 bytes. When you
consider files with length 18 bytes, there are over 65000 collisions for
each MD5 result. Imagine how many possible collisions there are with files
in the kilobyte or megabyte size range!

--
Toby A Inkster BSc (Hons) ARCS
[Geek of HTML/SQL/Perl/PHP/Python/Apache/Linux]
[OS: Linux 2.6.17.14-mm-desktop-9mdvsmp, up 2 days, 14:54.]

It'll be in the Last Place You Look
http://tobyinkster.co.uk/blog/2007/11/21/no2id/