Steven D'Aprano <[EMAIL PROTECTED]> writes: > http://www.iusmentis.com/technology/encryption/pgp/pgpattackfaq/hash/ > > the expected number of random unique files you would need to compare > before finding a single collision in the MD5 hashes is (very roughly) > 10**70, or ten billion trillion trillion trillion trillion trillion.
That's not right, the right number is around 2**64 or 2e19. See the section of that page about the birthday attack. It's still an awful lot. There are also known ways of deliberately constructing md5 collisions (i.e. md5 is broken). Whether the OP should care about that depends on the application. -- http://mail.python.org/mailman/listinfo/python-list
