Collision course

15 points

Your task is pretty simple, but can be a launch pad into very interesting territory.

Send a request to the challenge endpoint. You'll receive a JSON with a single attribute - a pretty random string.

You have about 15 seconds to generate two different files - each of them including the string you just received - which when hashed with MD5 produce the same hash.

Send them back, base64-encoded, to the solution endpoint to get your reward.

Getting the problem set

GET /challenges/collision_course/problem?access_token=...

Problem JSON structure is simple:

  • include: the common string

Submitting a solution

POST /challenges/collision_course/solve?access_token=...

Your solution should be a JSON with a single key inside:

  • files: an array with two strings which should be the base64-encoded files that collide for MD5


On the surface of it, hash collisions are boring. When you're mapping an inifite problem space to a finite solution set, stuff has to collide, what's the big deal?

Turns out a small dive into the inner workings of the algorithms and the collision business has a few interesting twists. This is that dive. Have fun.

You too can support h^ by buying me a coffee. Cheers!
Also, I'd love to hear from you. Whatever you got, drop me an email. My h^ profile is here.