collision possiblity of 16-char and 32-char md5

Question

I know 16-char md5 string is the 8th and 24th chars of 32-char md5 string, eg:

469e80d32c0559f8

7fef6171469e80d32c0559f88b377245

My question is: given two different string and calculate their 16 and 32 md5, is the collision possiblity of their 16 md5 is much larger than 32 md5? Or they are the same.

Thanks.

Answer 1

A collision is a situation when for two different messages, m1 and m2, the hash is the same, i.e. hash(m1) = hash(m2).

The longer the output of hash(m) function can be, the lower collision possibility is. For example, let's think of a situation, when function hash(m) should map message m to just one bit, i.e. it could map just to 0 or 1. The collision risk would be very high then. :)

Then there's a question of quality of hash function. It should map message to value with the same probability, for all messages. For MD5 it's not the case, some values are used more often. That increases collision risk. MD5 has serious flaws, like the birthday attack.

We know (http://www.faqs.org/rfcs/rfc4270.html) that successful attacks against MD5 can be done on a home PC. It's better to switch to SHA-1. Microsoft recommends SHA256 or SHA512.

Answer 2

If MD5 was a perfect hash function (it isn't) then each of the characters in its hex string would be a random number from 0 to 15. As such the 16 character hash has a collision probability of 16^-16 = 1 in 1.8×10¹⁹, and the 32 character has has a collision probability of 16^-32 = 1 in 3.4×10³⁸, much less likely. Note that the birthday paradox applies; you have around a 50% chance of a collision in a set of just 4.3×10⁹ items with the shorter hash; that's the square root of the total number of possible hashes.

However since MD5 is not a good hash function it's possible to deliberately engineer a collision either way. Consider a stronger hash.