28

Some one sent this to me and I have tried to figure it ouut on my own. But have not been successful. Can you help figure out this, he said it was in MD5... 1ce67f05968d51656eb71f13368f0b2d

MBC
  • 263
  • 2
  • 5
  • 3
    Oh my GOD! holy F! deep breathing right now! Thank you for helping me out. Yeah, he might be a little, big nerd but he is pretty wonderful...but it's kinda soon..lol OMG – MBC Feb 29 '16 at 20:17
  • 3
    Perhaps he agrees, and thus the addition of "...one day." – Xander Feb 29 '16 at 20:23
  • Did Biff send it to you? – Hannover Fist Feb 29 '16 at 21:09
  • 1
    I agree with @Xander, based on the wording I wouldn't consider it to be a formal marriage proposal. Especially if he did not expect the secret message to be so easily revealed! – Kevin K Feb 29 '16 at 21:27

1 Answers1

45

MD5 is not encryption, it is hashing. Not the same thing at all.

Otherwise, congratulations ! Whoever sends that to you is proposing marriage:

$ printf "You will be my wife one day" | md5sum
1ce67f05968d51656eb71f13368f0b2d  -

(Take care before answering "yes": he looks like a big nerd.)

Edit: the interesting part is of course how I found the source. I just looked it up on Google. The Web + Google makes for a rather good table of precomputed hash values.

Tom Leek
  • 172,594
  • 29
  • 349
  • 481
  • 3
    There may be infinite number of phrases with this hash, is not it?:) – user996142 Feb 29 '16 at 19:31
  • 13
    Not infinite in that the MD5 input is formally limited to 2^61 bytes or so, but yeah, a pretty high number. However, finding another one that matches that one could be quite challenging. Even computing a full-ASCII collision (collisions between two messages that consist only of ASCII characters) would be article-worthy; two meaningful colliding ASCII messages would be even better. – Tom Leek Feb 29 '16 at 19:34
  • 6
    The most impressive bit in this is that the guy used an online tool to hash it instead of some offline method. This way, that exact hash is added to rainbow tables all over the world eventually. So it would become Googlable. He should have made it more romantic by including the girl's name, though. – Adi Feb 29 '16 at 20:22
  • @Adi if he included the name it could potentially expose her. Also, maybe he was not the one that hashed it in the first place, and just found it. – Mindwin Remember Monica Feb 29 '16 at 20:27
  • Of course, MD5 is vulnerable to collision attacks - this would be a nasty place to use one. Suppose it were also the hash of something like "I don't ever want to marry you"! (Though most such attacks require a chunk of "garbage" bytes in the message, which would be pretty conspiciuous here.) – Nate Eldredge Feb 29 '16 at 20:36
  • 3
    Known collision attacks on MD5 use differential paths that work mostly on the high-order bits of input words (because these bits are linear in 32-bit additions) so we do not have cheap methods to compute ASCII-compatible MD5 collisions. Or if there is, I want to see it ! – Tom Leek Feb 29 '16 at 20:38
  • I agree with Tom and Nate: The odds of another matching garbage-free phrase are practically zero, even when you account for random iterations of spaces and non-printing characters. It'd take years for a serious stack of GPUs to find even a nonsensical English language collision. – Adam Katz Feb 29 '16 at 21:18
  • A wife for only "...one day"? Ah, well. – user2338816 Feb 29 '16 at 23:34
  • The input's 4 chars shorter than the hash. Odds of there being any other matching valid-English ascii phrase shorter than the hash are about zero. Given the string limit of 2^61 bytes, and that printable chars are 6 bits in every byte, we'd get about 6^(2^29) printable string collisions: that is, 10^417766772 of them. But chances of grammatical correctness tends to zero as string length increases so in that crazy number of collisions, we'd get few strings of valid words, and even fewer in a grammatical order, the overwhelming majority of which would be at the shorter end of the range. – Dewi Morgan Mar 01 '16 at 14:17