How do I assess the hash collision probability?

probability language-agnostic md5 estimation

I'm developing a back-end application for a search system. The search system copies files to a temporary directory and gives them random names. Then it passes the temporary files' names to my application. My application must process each file within a limited period of time, otherwise it is shut down - that's a watchdog-like security measure. Processing files is likely to take long so I need to design the application capable of handling this scenario. If my application gets shut down next time the search system wants to index the same file it will likely give it a different temporary name.

The obvious solution is to provide an intermediate layer between the search system and the backend. It will queue the request to the backend and wait for the result to arrive. If the request times out in the intermediate layer - no problem, the backend will continue working, only the intermediate layer is restarted and it can retrieve the result from the backend when the request is later repeated by the search system.

The problem is how to identify the files. Their names change randomly. I intend to use a hash function like MD5 to hash the file contents. I'm well aware of the birthday paradox and used an estimation from the linked article to compute the probability. If I assume I have no more than 100 000 files the probability of two files having the same MD5 (128 bit) is about 1,47x10-29.

Should I care of such collision probability or just assume that equal hash values mean equal file contents?


Equal hash means equal file, unless someone malicious is messing around with your files and injecting collisions. (this could be the case if they are downloading stuff from the internet) If that is the case go for a SHA2 based function.

There are no accidental MD5 collisions, 1,47x10-29 is a really really really small number.

To overcome the issue of rehashing big files I would have a 3 phased identity scheme.

  1. Filesize alone
  2. Filesize + a hash of 64K * 4 in different positions in the file
  3. A full hash

So if you see a file with a new size you know for certain you do not have a duplicate. And so on.


Just because the probability is 1/X it does not mean that it won't happen to you until you have X records. It's like the lottery, you're not likely to win, but somebody out there will win.

With the speed and capacity of computers these days (not even talking about security, just reliability) there is really no reason not to just use a bigger/better hash function than MD5 for anything critical. Stepping up to SHA-1 should help you sleep better at night, but if you want to be extra cautious then go to SHA-265 and never think about it again.

If performance is truly an issue then use BLAKE2 which is actually faster than MD5 but supports 256+ bits to make collisions less likely while having same or better performance. However, while BLAKE2 has been well-adopted, it probably would require adding a new dependency to your project.

Related

Spark / Scala: forward fill with last observation
Getting the dimensions of the soft keyboard
How can this instance seemingly outlive its own parameter lifetime?
how to dynamically declare an array of objects with a constructor in c++
Android ListView with onClick items
What are non-word boundary in regex (\B), compared to word-boundary?
Nonstatic member as a default argument of a nonstatic member function [duplicate]
How do you load array and object from Cloud Firestore in Flutter
How to write a type trait `is_container` or `is_vector`?
C# How can I test a file is a jpeg?
What is the best practice for parsing remote content with jQuery?
Can I get a compile-time list of all of the case objects which derive from a sealed parent in Scala?