Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Not really. MD5 is thoroughly and completely broken, and has been for years. You can modify an image to be an MD5 collision for another image.


No you cannot. A collision requires the attacker to create both images.

What you are describing is a second preimage attack-- creating a second input with the same hash as a target.

There is no currently known tractable way to create second preimages for MD5.


Yeah, vaguely talking about MD5 as "broken" is common and misleading. There are very particular known attacks.

Obviously nobody should be using MD5, but it can be useful to understand there are circumstances where it's basically reliable unless you have an extremely sophisticated attacker.


That would be an intentional collision. An unintentional collision remains unlikely for a cryptographic hash.


Not just unlikely but astronomically unlikely.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: