Assuming you have a PHP powered site that creates a random hash (using sha1()). What are the chances of a collision?
If you assume that SHA-1 does a good job, you can conclude that there's a 1 in 2^160 chance that two given messages have the same hash (since SHA-1 produces a 160-bit hash).
2^160 is an extremely large number. It's roughly 10^48. Even if you have a million entries in your database, that's still a 1 in 10^42 chance that a new entry will share the same hash.
SHA-1 has proved to be fairly good, so there is no need to worry about collisions at all.
3 years 22 weeks ago