Hash Collision Demo

A hash collision occurs when two different inputs produce the same hash output. This is catastrophic for security, as it allows attackers to forge signatures or bypass integrity checks.

Input Block A (Hex)128 bytes

d131dd02c5e6eec4693d9a0698aff95c 2fcab58712467eab4004583eb8fb7f89 55ad340609f4b30283e488832571415a 085125e8f7cdc99fd91dbdf280373c5b d8823e3156348f5bae6dacd436c919c6 dd53e2b487da03fd02396306d248cda0 e99f33420f577ee8ce54b67080a80d1e c69821bcb6a8839396f9652b6ff72a70

Input Block B (Hex)128 bytes

d131dd02c5e6eec4693d9a0698aff95c 2fcab50712467eab4004583eb8fb7f89 55ad340609f4b30283e488832571415a 085125e8f7cdc99fd91dbdf280373c5b d8823e3156348f5bae6dacd436c919c6 dd53e23487da03fd02396306d248cda0 e99f33420f577ee8ce54b67080a80d1e c69821bcb6a8839396f9652b6ff72a70

Why does this happen? MD5 produces a 128-bit output. By the Pigeonhole Principle, collisions must exist because there are more possible inputs than outputs. However, finding them should be computationally infeasible.

Researchers found mathematical weaknesses in MD5 (differential cryptanalysis) that allow generating collisions in seconds rather than billions of years.