note tachyon <p><i> To find another string that maps to the same digest (i.e. a collision in the MD5-space) should theoretically take 2^128 steps.</i> <p>Actually that is right and wrong. Hash collisions conform to the <a href="http://www.itsecurity.com/dictionary/bday.htm">Birthday Paradox</a> which says that if you have 23 people in a room there is a 50% probability that 2 people will share a birthday (have a collision). This 'paradox' applies to hashes as well. For example you have a 50% probability of a collision in a 32 bit hash after a mere 77163 tries (roughly 2^16 ie nothing like 2^32) <h4>Update</h4> <p>Corrected technical inexactitude. The birthday paradox is the correct answer if you simply want a collision. To get a specific collision with a given digest it is not. <!-- Node text goes above. Div tags should contain sig only --> <div class="pmsig"><div class="pmsig-80749"> <p>cheers <p><font color="#0000ff">tachyon</font> </div></div> 386193 386193