#### @BitTwister

"nearly infinite"

Well, you're right, there can only be an infinite number of file inputs if infinite file length is possible which, of course, it isn't. The point is that the number of FEASIBLY possible file inputs might as well be infinite.

If, for example, you consider ONLY files of 4MB in size. There are 2^25 possible such files. A 128-bit hash has 2^7 possible values. Therefore, on average, each hash value can be derived from 2^18 different files.

As John Stag kindly pointed out, we can already provide security that is theoretically impossible to crack by brute-force methods. The problems arise when weaknesses in the security algorithms make it possible to bypass these theoretical limits and find a solution more directly.

Winword.exe on my system is over 12MB in size. I'm pretty sure a decent (?) piece of malware could be written that would be a fraction of that size. If I then had some way to populate the other 11Mb with junk such that the MD5 (or whatever) hash of the whole file matched the original Winword.exe hash, it would pass a hash-based check.

Without actually being able to prove it, I am pretty well positive that there would be many different versions of my file that could be made to match the original MD5 hash. Whether it could AT THE SAME TIME match an SHA-1 hash, and/or an SHA-2 hash etc, would be a question for a REAL cryptographer!