两个不同的字符串可以生成相同的 MD5 哈希码吗? [英] Can two different strings generate the same MD5 hash code?

问题描述

对于我们的每个二进制资产，我们都会生成一个 MD5 哈希值.这用于检查某个二进制资产是否已经在我们的应用程序中.但是两种不同的二进制资产是否有可能生成相同的 MD5 哈希值.那么是否有可能两个不同的字符串生成相同的 MD5 哈希值?

For each of our binary assets we generate a MD5 hash. This is used to check whether a certain binary asset is already in our application. But is it possible that two different binary assets generate the same MD5 hash. So is it possible that two different strings generate the same MD5 hash?

推荐答案

对于一组甚至数十亿的资产，随机冲突的可能性可以忽略不计——您无需担心.考虑 生日悖论，给定一组 2^64(或 18,446,744,073,709,551,616)资产，概率为此集合中的单个 MD5 冲突为 50%.在这种规模下，您可能会在存储容量方面击败 Google.

For a set of even billions of assets, the chances of random collisions are negligibly small -- nothing that you should worry about. Considering the birthday paradox, given a set of 2^64 (or 18,446,744,073,709,551,616) assets, the probability of a single MD5 collision within this set is 50%. At this scale, you'd probably beat Google in terms of storage capacity.

然而，因为 MD5 哈希函数已被破坏(它容易受到碰撞攻击)，任何确定的攻击者都可以在几秒钟内产生 2 个冲突资产，从而消耗 CPU 能力.因此，如果您想使用 MD5，请确保此类攻击者不会危及您应用程序的安全性！

However, because the MD5 hash function has been broken (it's vulnerable to a collision attack), any determined attacker can produce 2 colliding assets in a matter of seconds worth of CPU power. So if you want to use MD5, make sure that such an attacker would not compromise the security of your application!

此外，如果攻击者可能与您数据库中的现有资产发生冲突，请考虑后果.虽然没有针对 MD5(截至 2011 年)的此类已知攻击(原像攻击)，但它可以通过扩展当前对碰撞攻击的研究，成为可能.

Also, consider the ramifications if an attacker could forge a collision to an existing asset in your database. While there are no such known attacks (preimage attacks) against MD5 (as of 2011), it could become possible by extending the current research on collision attacks.

如果这些都成为问题，我建议查看 SHA-2 系列哈希函数(SHA-256、SHA-384 和 SHA-512).缺点是速度稍慢，哈希输出更长.

If these turn out to be a problem, I suggest looking at the SHA-2 series of hash functions (SHA-256, SHA-384 and SHA-512). The downside is that it's slightly slower and has longer hash output.

这篇关于两个不同的字符串可以生成相同的 MD5 哈希码吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！