A new kind of MD5 collision

[unilynx]

Impressive. Can't have enough nails in the MD5 coffin I guess.

Just had to verify it myself

  echo -n TEXTCOLLBYfGiJUETHQ4hAcKSMd5zYpgqf1YRDhkmxHkhPWptrkoyz28wnI9V0aHeAuaKnak | md5
  faad49866e9498fc1719f5289e7a0269

  echo -n TEXTCOLLBYfGiJUETHQ4hEcKSMd5zYpgqf1YRDhkmxHkhPWptrkoyz28wnI9V0aHeAuaKnak | md5
  faad49866e9498fc1719f5289e7a0269

[hk1337]

Extra verification.

  echo -n TEXTCOLLBYfGiJUETHQ4hEcKSMd5zYpgqf1YRDhkmxHkhPWptrkoyz28wnI9V0aHeAuaKnak | sha256sum 

173fb01b24b000789aae6a599193908745b0a031810453a464367c68baa6d333 -

  echo -n TEXTCOLLBYfGiJUETHQ4hAcKSMd5zYpgqf1YRDhkmxHkhPWptrkoyz28wnI9V0aHeAuaKnak | sha256sum

cccc5da79fdfb699b8cdf1d79a8d7814fe46e06bde4f201628423495f6e2d195 -

[djbusby]

Wait, just that A to E!?!?

[cosmotic]

> 1-byte difference

It's actually just 1 bit

[mcint]

> Its an identical-prefix collision attack where you can pick your own allowed charset (say alphanum, base64, all printable). It also allows to force some specific bytes (mainly 0-7 and 20-27) to some extent.

https://x.com/realhashbreaker/status/1770175862484197616

Worse still, sounds like a family of collisions might follow.

[ekzy]

True, 01000101 vs 01000001

[TillE]

I don't think the title is correct, this isn't "a new kind" of anything. This is the usual well-known attack on MD5 where you can create a pair of inputs with the same hash.

[a_cardboard_box]

There's a followup tweet explaining it, which you wouldn't see if you're not logged in:

> This is the first md5 collision with only printable ascii that I know of. I have been asked before if this was possible, but I used to respond its not practically doable.