Do different files always lead to different MD5 or SHA1 hash codes?

Clash Royale CLAN TAG#URR8PPP

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty margin-bottom:0;

up vote
1
down vote

favorite

My question is if different files always lead to different MD5 or SHA1 hash codes?

Thanks

encryption

share|improve this question

asked 4 hours ago

John

61

add a comment | 

up vote
1
down vote

favorite

My question is if different files always lead to different MD5 or SHA1 hash codes?

Thanks

encryption

share|improve this question

asked 4 hours ago

John

61

add a comment | 

up vote
1
down vote

favorite

up vote
1
down vote

favorite

My question is if different files always lead to different MD5 or SHA1 hash codes?

Thanks

encryption

share|improve this question

asked 4 hours ago

John

61

My question is if different files always lead to different MD5 or SHA1 hash codes?

Thanks

encryption

encryption

share|improve this question

asked 4 hours ago

John

61

share|improve this question

asked 4 hours ago

John

61

share|improve this question

share|improve this question

asked 4 hours ago

John

61

asked 4 hours ago

John

61

asked 4 hours ago

John

61

61

add a comment | 

add a comment | 

2 Answers
2

active

oldest

votes

up vote
2
down vote

No they don't. If you think about it, sha1 output has 160 bits. There are more than 2^160 possible files, therefore there must be multiple (infinitely many) potential files that have the same hashes. The problem is finding them.

Here are two files that have the same sha1.

share|improve this answer

answered 4 hours ago

Peter Harmann

5,73751425

add a comment | 

up vote
1
down vote

@PeterHarmann's answer is entirely correct, but to add to it: Secure hash algorithms (which MD5 was intended to be, and which is literally what "SHA" stands for) are supposed to be highly resistant to collisions where any two inputs have the same output. While such collisions will always exist for any algorithm that can take a longer (in terms of arbitrary bits of data) input than its output, finding them is supposed to be near-impossible. Ideally, doing so requires a brute-force attack on an infeasibly large search space, even when utilizing a birthday attack. In other words, while it's true that different files cannot always have different hash digests, in practice it's supposed to be possible to act as though they do.

SHA1 is deprecated because it has been demonstrated to be vulnerable to a collision attack, as Peter's link shows. MD5 is even worse, though; it has been demonstrated to be vulnerable to a chosen-prefix collision attack, where two distinct inputs can have suffixes appended to cause them to have the same hash digest. This was demonstrated as a way to break the protections afforded by cryptographic signatures (one of the key uses of secure hashes) by creating colliding X.509 certificates, allowing an attacker to generate a fraudulent certificate (with their own public key) that has the same hash and therefore the same signature as a valid certificate signed by a trusted certificate authority. The Flame malware used a fraudulent certificate purportedly signed by Microsoft, which was possible because Microsoft had a CA that was still issuing MD5-signed certificates.

share|improve this answer

answered 4 hours ago

CBHacking

8,54711525

add a comment | 

Your Answer

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "162"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: false,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);

 

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f194954%2fdo-different-files-always-lead-to-different-md5-or-sha1-hash-codes%23new-answer', 'question_page');

);

Post as a guest

Name Email

2 Answers
2

active

oldest

votes

2 Answers
2

active

oldest

votes

active

oldest

votes

active

oldest

votes

up vote
2
down vote

No they don't. If you think about it, sha1 output has 160 bits. There are more than 2^160 possible files, therefore there must be multiple (infinitely many) potential files that have the same hashes. The problem is finding them.

Here are two files that have the same sha1.

share|improve this answer

answered 4 hours ago

Peter Harmann

5,73751425

add a comment | 

up vote
2
down vote

No they don't. If you think about it, sha1 output has 160 bits. There are more than 2^160 possible files, therefore there must be multiple (infinitely many) potential files that have the same hashes. The problem is finding them.

Here are two files that have the same sha1.

share|improve this answer

answered 4 hours ago

Peter Harmann

5,73751425

add a comment | 

up vote
2
down vote

up vote
2
down vote

No they don't. If you think about it, sha1 output has 160 bits. There are more than 2^160 possible files, therefore there must be multiple (infinitely many) potential files that have the same hashes. The problem is finding them.

Here are two files that have the same sha1.

share|improve this answer

answered 4 hours ago

Peter Harmann

5,73751425

No they don't. If you think about it, sha1 output has 160 bits. There are more than 2^160 possible files, therefore there must be multiple (infinitely many) potential files that have the same hashes. The problem is finding them.

Here are two files that have the same sha1.

share|improve this answer

answered 4 hours ago

Peter Harmann

5,73751425

share|improve this answer

share|improve this answer

answered 4 hours ago

Peter Harmann

5,73751425

answered 4 hours ago

Peter Harmann

5,73751425

answered 4 hours ago

Peter Harmann

5,73751425

5,73751425

add a comment | 

add a comment | 

up vote
1
down vote

@PeterHarmann's answer is entirely correct, but to add to it: Secure hash algorithms (which MD5 was intended to be, and which is literally what "SHA" stands for) are supposed to be highly resistant to collisions where any two inputs have the same output. While such collisions will always exist for any algorithm that can take a longer (in terms of arbitrary bits of data) input than its output, finding them is supposed to be near-impossible. Ideally, doing so requires a brute-force attack on an infeasibly large search space, even when utilizing a birthday attack. In other words, while it's true that different files cannot always have different hash digests, in practice it's supposed to be possible to act as though they do.

SHA1 is deprecated because it has been demonstrated to be vulnerable to a collision attack, as Peter's link shows. MD5 is even worse, though; it has been demonstrated to be vulnerable to a chosen-prefix collision attack, where two distinct inputs can have suffixes appended to cause them to have the same hash digest. This was demonstrated as a way to break the protections afforded by cryptographic signatures (one of the key uses of secure hashes) by creating colliding X.509 certificates, allowing an attacker to generate a fraudulent certificate (with their own public key) that has the same hash and therefore the same signature as a valid certificate signed by a trusted certificate authority. The Flame malware used a fraudulent certificate purportedly signed by Microsoft, which was possible because Microsoft had a CA that was still issuing MD5-signed certificates.

share|improve this answer

answered 4 hours ago

CBHacking

8,54711525

add a comment | 

up vote
1
down vote

@PeterHarmann's answer is entirely correct, but to add to it: Secure hash algorithms (which MD5 was intended to be, and which is literally what "SHA" stands for) are supposed to be highly resistant to collisions where any two inputs have the same output. While such collisions will always exist for any algorithm that can take a longer (in terms of arbitrary bits of data) input than its output, finding them is supposed to be near-impossible. Ideally, doing so requires a brute-force attack on an infeasibly large search space, even when utilizing a birthday attack. In other words, while it's true that different files cannot always have different hash digests, in practice it's supposed to be possible to act as though they do.

SHA1 is deprecated because it has been demonstrated to be vulnerable to a collision attack, as Peter's link shows. MD5 is even worse, though; it has been demonstrated to be vulnerable to a chosen-prefix collision attack, where two distinct inputs can have suffixes appended to cause them to have the same hash digest. This was demonstrated as a way to break the protections afforded by cryptographic signatures (one of the key uses of secure hashes) by creating colliding X.509 certificates, allowing an attacker to generate a fraudulent certificate (with their own public key) that has the same hash and therefore the same signature as a valid certificate signed by a trusted certificate authority. The Flame malware used a fraudulent certificate purportedly signed by Microsoft, which was possible because Microsoft had a CA that was still issuing MD5-signed certificates.

share|improve this answer

answered 4 hours ago

CBHacking

8,54711525

add a comment | 

up vote
1
down vote

up vote
1
down vote

@PeterHarmann's answer is entirely correct, but to add to it: Secure hash algorithms (which MD5 was intended to be, and which is literally what "SHA" stands for) are supposed to be highly resistant to collisions where any two inputs have the same output. While such collisions will always exist for any algorithm that can take a longer (in terms of arbitrary bits of data) input than its output, finding them is supposed to be near-impossible. Ideally, doing so requires a brute-force attack on an infeasibly large search space, even when utilizing a birthday attack. In other words, while it's true that different files cannot always have different hash digests, in practice it's supposed to be possible to act as though they do.

SHA1 is deprecated because it has been demonstrated to be vulnerable to a collision attack, as Peter's link shows. MD5 is even worse, though; it has been demonstrated to be vulnerable to a chosen-prefix collision attack, where two distinct inputs can have suffixes appended to cause them to have the same hash digest. This was demonstrated as a way to break the protections afforded by cryptographic signatures (one of the key uses of secure hashes) by creating colliding X.509 certificates, allowing an attacker to generate a fraudulent certificate (with their own public key) that has the same hash and therefore the same signature as a valid certificate signed by a trusted certificate authority. The Flame malware used a fraudulent certificate purportedly signed by Microsoft, which was possible because Microsoft had a CA that was still issuing MD5-signed certificates.

share|improve this answer

answered 4 hours ago

CBHacking

8,54711525

@PeterHarmann's answer is entirely correct, but to add to it: Secure hash algorithms (which MD5 was intended to be, and which is literally what "SHA" stands for) are supposed to be highly resistant to collisions where any two inputs have the same output. While such collisions will always exist for any algorithm that can take a longer (in terms of arbitrary bits of data) input than its output, finding them is supposed to be near-impossible. Ideally, doing so requires a brute-force attack on an infeasibly large search space, even when utilizing a birthday attack. In other words, while it's true that different files cannot always have different hash digests, in practice it's supposed to be possible to act as though they do.

SHA1 is deprecated because it has been demonstrated to be vulnerable to a collision attack, as Peter's link shows. MD5 is even worse, though; it has been demonstrated to be vulnerable to a chosen-prefix collision attack, where two distinct inputs can have suffixes appended to cause them to have the same hash digest. This was demonstrated as a way to break the protections afforded by cryptographic signatures (one of the key uses of secure hashes) by creating colliding X.509 certificates, allowing an attacker to generate a fraudulent certificate (with their own public key) that has the same hash and therefore the same signature as a valid certificate signed by a trusted certificate authority. The Flame malware used a fraudulent certificate purportedly signed by Microsoft, which was possible because Microsoft had a CA that was still issuing MD5-signed certificates.

share|improve this answer

answered 4 hours ago

CBHacking

8,54711525

share|improve this answer

share|improve this answer

answered 4 hours ago

CBHacking

8,54711525

answered 4 hours ago

CBHacking

8,54711525

answered 4 hours ago

CBHacking

8,54711525

8,54711525

add a comment | 

add a comment | 

 

draft saved

draft discarded

 

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f194954%2fdo-different-files-always-lead-to-different-md5-or-sha1-hash-codes%23new-answer', 'question_page');

);

Post as a guest

Name Email

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

Name Email

Name

Email

Name Email

Name

Email