What is Hash Collision?
When two different inputs produce the same hash output, potentially allowing an attacker to forge digital signatures or bypass integrity checks.
Hash functions are designed to be collision-resistant, but some older algorithms have been broken.
Broken Algorithms
- MD5: Practical collision attacks since 2004. NEVER use for security.
- SHA-1: First practical collision demonstrated in 2017. Being phased out.
Safe Algorithms
- SHA-256/SHA-3: No practical collision attacks known
- BLAKE2/BLAKE3: Modern, fast, secure
Impact of Collisions
- Forged digital signatures (two documents with the same hash)
- Bypassed file integrity checks
- Certificate forgery (if CA uses the vulnerable hash)
The Flame Malware
The Flame malware (2012) exploited an MD5 collision to forge a Microsoft certificate, making it appear to be a legitimate Windows update. This demonstrated the real-world danger of hash collisions.
Related Terms
Digital Signature
A cryptographic mechanism that proves the authenticity and integrity of a message or document, confirming it was created by the claimed sender and hasn't been altered.
Hash Function
A mathematical function that converts any input data into a fixed-size string of characters (hash). Cryptographic hash functions are one-way, meaning you cannot reverse the process to recover the original data.
SHA-256
A cryptographic hash function that produces a 256-bit (32-byte) hash value. Part of the SHA-2 family, it's widely used for data integrity verification, digital signatures, password hashing, and as the backbone of Bitcoin's proof-of-work.
Have more questions?
Use our guided flow to get the right next privacy step for Hash Collision.
Open Guided Flow