by userbinator 4291 days ago
Finding a collision in MD5 is costly

Not at all; look up "md5coll" and "fastcoll", which, released nearly 10 years ago, could generate a pair of colliding blocks in under an hour. Testing them now on my machine (which is already a few years old), it generated them in under a second(!).

This has been used to create executables that behave differently, but that's because they can inspect themselves; on the other hand, I think generating two .zip files with the same hash but different (valid) contents would be rather more difficult, but it's probably still quite feasible today.

1 comment

You're ignoring half of my post (on purpose?): Now generate the collisions matching file sizes. Even that "under a second" concept relies on tiny files.

As files get larger, matching both the MD5 and file size becomes more costly.