Is there an MD5 Fixed Point where md5(x) == x?

Since an MD5 sum is 128 bits long, any fixed point would necessarily also have to be 128 bits long. Assuming that the MD5 sum of any string is uniformly distributed over all possible sums, then the probability that any given 128-bit string is a fixed point is ¹/_2¹²⁸.

Thus, the probability that no 128-bit string is a fixed point is (1 − ¹/_2¹²⁸)²¹²⁸, so the probability that there is a fixed point is 1 − (1 − ¹/_2¹²⁸)²¹²⁸.

Since the limit as n goes to infinity of (1 − ¹/_n)ⁿ is ¹/_e, and 2¹²⁸ is most certainly a very large number, this probability is almost exactly 1 − ¹/_e ≈ 63.21%.

Of course, there is no randomness actually involved – either there is a fixed point or there isn't. But, we can be 63.21% confident that there is a fixed point. (Also, notice that this number does not depend on the size of the keyspace – if MD5 sums were 32 bits or 1024 bits, the answer would be the same, so long as it's larger than about 4 or 5 bits).

My brute force attempt found a 12 prefix and 12 suffix match.

prefix 12: 54db1011d76dc70a0a9df3ff3e0b390f -> 54db1011d76d137956603122ad86d762

suffix 12: df12c1434cec7850a7900ce027af4b78 -> b2f6053087022898fe920ce027af4b78

Blog post: https://plus.google.com/103541237243849171137/posts/SRxXrTMdrFN

Since the hash is irreversible, this would be very hard to figure out. The only way to solve this, would be to calculate the hash on every possible output of the hash, and see if you came up with a match.

To elaborate, there are 16 bytes in an MD5 hash. That means there are 2^(16*8) = 3.4 * 10 ^ 38 combinations. If it took 1 millisecond to compute a hash on a 16 byte value, it would take 10790283070806014188970529154.99 years to calculate all those hashes.