>> The chance of a collision really is much smaller than I thought, even >> including the birthday paradox. But rather than just say it's small and >> ask you to take my word for it I'm providing a link. The Wikipedia page >> for Birthday Attack has a chart that shows the probability of collision >> for hashes of various lengths. >> >> http://en.wikipedia.org/wiki/Birthday_attack> > >Well nuts. Unless my estimation is wrong, my half-length MD5sum would >be 64-bit and thus the 10^-18 probability of collisions would require a> db of 190 entries rather than full-length MD5sum's 820 billion. > >Unless corrected, I'll revise my algorithm this evening.
Well, a 64-bit hash with a 10^-18 probability of collisions would only require 6 entries in the DB. However a 10^-12 probability should be good enough because there probably aren't a trillion unique email addresses. A 10^-12 probability of collision would allow 6 million entries in the DB. This is not to suggest that I ever understood the part about using half-length MD5. Jeff Moss
