[wisienkas]

Not knowing too much of the NeuralHash model, but why are they using MD5 hash, they are known to have many collisions. We don't use MD5 for private/public keys for the same reason

[enedil]

We don't use md5 for private/public keys because md5 is a hashing algorithm, unrelated completely to encryption. Also, what are your reasons to believe that md5 has been used there?

[Grollicus]

Hashes are generally a part of the signature generation used with certificates. See for example "What role do hashes play in TLS/SSL certificate validation?" -> https://security.stackexchange.com/questions/67512/what-role...

In certificates, md5 - and sha1 - was used quite some time after it was known to be weak, I suspect OP was thinking of that.

This article seems to give a good summary what happened with sha1, mentions md5 in passing and links the related chromium issue: https://konklone.com/post/why-google-is-hurrying-the-web-to-...

[Retr0id]

What makes you think they're using MD5 anywhere?

Even if they were, it wouldn't matter, because NeuralHash is non-cryptographic by design.

[wisienkas]

I looked at the link and looked at the output from the algorithm for the 2 images which was a MD5 hash. so from that :)

[Retr0id]

But it isn't MD5. It's not even the same length as an MD5 hash. I am confused by your reasoning.