Re: Non-identical files with identical md5sums on Debian systems?
Fabian Greffrath <firstname.lastname@example.org> writes:
> I do occasionally check for identical files on different systems by
> comparing their md5sums. So, just out of interest, could someone tell me
> (how to find out) how many non-identical files with identical md5sums
> there are there on a typical (say, amd64) Debian system?
Unless you have a collection of MD5 collision attacks, or have installed a
package that includes a sample MD5 collision, the changes are quite good
that the answer is "zero." MD5 is no longer considered cryptographically
strong, but that doesn't mean it's not a fairly random 128-bit hash. You
need a *lot* of files before even the birthday paradox will give you much
likelihood of an MD5 collision that wasn't intentionally constructed.
Russ Allbery (email@example.com) <http://www.eyrie.org/~eagle/>