There's something I don’t understand about MD5 hashes. An MD5 hash is supposed to be able to produce a unique 128-bit fingerprint for a message of 'arbitrary size.' It's been conjectured that no two messages will produce the same fingerprint. What I don't understand is, how can you produce a unique MD5 fingerprint for messages of 'arbitrary size' when there are only 2^128 possible MD5 outputs? It would seem that one could exhaust the number of possible hash outputs by simply trying to run 129-bit messages through the hash. Obviously I'm missing something here…

Your mistake is in your assumption "It's been conjectured that no two messages will produce the same fingerprint". I've never heard this conjecture, nor does it make any sense. A hash is simple a many to one mapping. Many different keys will map to the same hash value, actually considering the key length is arbitrary, infinitely many keys map to the same hash value. The good thing about a md5 hash is that the ODDS of getting the same hash value are astronomical, AND if you do, chances are the two keys are SOOOO different, a hash probably wouldnt even be done or needed.

-AntonK

Alas! There are some good Crypto Questions available.Keep posting fellas to keep me interested.

thanks!

Dobbertin Attack on MD5 should be an alarm for those who use it.Scalability is yet to be proved though.


bye!