[dba-VB] SHA1 to compute a hash

jwcolby jwcolby at colbyconsulting.com
Sat Mar 19 08:21:58 CDT 2011


Stuart,

Thanks for that.  I am not a cryptologist and all I can do is try to use a tool I do not understand 
to solve a problem I do understand.  If my hashes really are that "unique / secure" then I will stop 
worrying about it.  I still need to do a check of actual data though because I went looking one day 
and discovered "collisions".  Given that we believe the collision is not in the key itself, it must 
have been in my method of finding the collision.

In any case, I am not going to worry any more so thanks for the peace of mind!  ;)

John W. Colby
www.ColbyConsulting.com

On 3/19/2011 8:51 AM, Stuart McLachlan wrote:
> In the case of 1000 single character messages, you are bound to get collisions since there
> are only 256 possible original messages.  You will be hashing the same value multiple times
>
> Apart from that, your understanding is incorrect. It doesn't matter how long the string is.  The
> chances of a collision with two different messages remains the same.
>
> The message is hashed using padded blocks of a fixed length.
> There is no more chance of a collision between "a" and "b" than there is between
> "aaaaaaaaaaaaaaaaaaa" and "baaaaaaaaaaaaaaaaaaa".
>
> Specifically, the chance of a collision within n different messages, using b bits of encryption is
> (n*(n-1)/2) * (1/2^b).
>
> Note that the length of the message doesn't come into that equation.
>
>   The probability of a collision is determined by only TWO things.
>
>   1) The length of the digest.
>   2) The quantity of messages.
>
> As for "everyone agrees".  Noone who understands how it works, agrees.
>



More information about the dba-VB mailing list