jwcolby
jwcolby at colbyconsulting.com
Sat Mar 19 08:21:58 CDT 2011
Stuart, Thanks for that. I am not a cryptologist and all I can do is try to use a tool I do not understand to solve a problem I do understand. If my hashes really are that "unique / secure" then I will stop worrying about it. I still need to do a check of actual data though because I went looking one day and discovered "collisions". Given that we believe the collision is not in the key itself, it must have been in my method of finding the collision. In any case, I am not going to worry any more so thanks for the peace of mind! ;) John W. Colby www.ColbyConsulting.com On 3/19/2011 8:51 AM, Stuart McLachlan wrote: > In the case of 1000 single character messages, you are bound to get collisions since there > are only 256 possible original messages. You will be hashing the same value multiple times > > Apart from that, your understanding is incorrect. It doesn't matter how long the string is. The > chances of a collision with two different messages remains the same. > > The message is hashed using padded blocks of a fixed length. > There is no more chance of a collision between "a" and "b" than there is between > "aaaaaaaaaaaaaaaaaaa" and "baaaaaaaaaaaaaaaaaaa". > > Specifically, the chance of a collision within n different messages, using b bits of encryption is > (n*(n-1)/2) * (1/2^b). > > Note that the length of the message doesn't come into that equation. > > The probability of a collision is determined by only TWO things. > > 1) The length of the digest. > 2) The quantity of messages. > > As for "everyone agrees". Noone who understands how it works, agrees. >