Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.

Global Accelerated Learning • Est. 1999
Glossary Term Hash Collisions

Training Camp • Cybersecurity Glossary

What is Hash Collisions?

Two different inputs producing the same hash output. They break collision-resistance and have killed MD5 and SHA-1 for security use.

Glossary > Cryptography & PKI > Hash Collisions

Hash Collisions — Two different inputs producing the same hash output

Understanding Hash Collisions

A hash collision occurs when two different inputs produce the identical output value from a hash function. Because a hash maps unlimited possible inputs to a fixed-length output, collisions are mathematically inevitable. The security question is not whether they exist, but whether an attacker can find or engineer one efficiently, which would undermine the function's collision resistance.

Cryptographic hash functions are designed so that finding any two colliding inputs is computationally infeasible. The birthday paradox sets the bar: for an n-bit output, a brute-force collision is expected after roughly 2^(n/2) attempts, so a 256-bit hash like SHA-256 offers about 128 bits of collision resistance. A function is considered broken when researchers discover an attack faster than this generic birthday bound, revealing structural weaknesses in the algorithm itself.

For security, collision resistance is the property that lets hashes guarantee integrity. Digital signatures, certificates, software update verification, and Git commit identifiers all assume that a given hash uniquely binds to its content. If an attacker can craft two files with the same hash, one benign and one malicious, a signature or checksum validated on the safe file silently authenticates the harmful one, defeating the trust the hash was meant to provide.

A concrete example is the 2017 SHAttered attack, in which Google and CWI produced two distinct PDF files sharing one SHA-1 hash, demonstrating a practical collision and accelerating the industry's migration away from SHA-1 for certificates and signatures. MD5 fell even earlier and was abused in the Flame malware to forge a Microsoft code-signing certificate. These failures explain why modern systems mandate SHA-256, SHA-3, or BLAKE2 for any integrity-critical use, while deprecated functions remain acceptable only for non-security tasks such as checksums against accidental corruption.

Learn More About Hash Collisions:

Ready to Get Certified?

Turn knowledge into credentials with our instructor-led cybersecurity boot camps.

View All Courses →