Birthday Paradox Calculator
Run a calculation in the Classic tab first, then return here for the full complement-rule derivation.
No data yet — enter values in the Classic tab first.
What Is the Birthday Paradox?
The Birthday Paradox is a probability result showing that in a group of just 23 randomly selected people, there is a 50.73% chance that at least two share the same birthday. Most people, when asked to estimate, say you would need somewhere around 183 people — roughly half of 365 — before expecting a match. The actual threshold of 23 is dramatically lower, which is why the result carries the word "paradox."
It is not a logical paradox. There is no contradiction. What earns it the name is the gap between what intuition predicts and what the math produces. Logically you might reason: one specific person has a 1/365 chance of sharing a birthday with any other specific person, so 23 people cannot possibly be enough. This reasoning has a single flaw: the birthday problem does not ask about one specific person's birthday. It asks whether any two people in the group share any birthday. That means counting every possible pair — and in a group of 23, there are 253 distinct pairs. Each pair is an opportunity for a birthday match, so the combined probability climbs far faster than a linear argument would suggest.
Mathematicians classify this as a veridical paradox: a statement that is true and provably correct, yet contradicts common expectation. The birthday problem appears regularly in probability textbooks because it trains students to think combinatorially — to count structures rather than individual elements — which is one of the more useful skills in applied mathematics.
Birthday Paradox Formulas
Three formulas cover the birthday problem: the exact complement formula, the factorial representation, and an exponential approximation for large calendars or computational contexts where exact multiplication is slow. A fourth formula handles the cryptographic birthday attack.
Exact Complement Rule
P(match) = 1 − P(no match)
P(no match) =
365/365 × 364/365 × ... × (365−n+1)/365
Factorial (Closed Form)
P(match) = 1 − 365! / ((365−n)! × 365⊃n)
General form (d days):
P(match) = 1 − d! / ((d−n)! × d⊃n)
Exponential Approximation
P(match) ≈ 1 − e−n(n−1)/(2d)
Accurate within 0.3% for
d = 365 and n ≤ 60.
Cryptographic Birthday Attack
n ≈ √(−2H ⋅ ln(1−p))
where H = 2bits
At 50%: n ≈ 1.177 × √H
= 1.177 × 2bits/2
The exponential approximation is derived from the Taylor series expansion of ex. For small values of n/d, each term (d−i)/d ≈ e−i/d, so the product of all terms approximates e−(0+1+2+...+(n−1))/d = e−n(n−1)/(2d). This approximation is what makes the birthday attack formula tractable for hash function analysis, where direct factorial computation on 2256 would be impossible.
📊 How to Calculate Birthday Paradox Probability: n = 23
The calculation for n = 23 uses the complement rule: compute the probability that no two people share a birthday, then subtract from 1. Each new person added to the group must choose a birthday that avoids all previously taken dates.
n(n−1)/2 = 23 × 22 / 2 = 253 pairs. Each pair is a potential birthday match. This count grows quadratically, which is why the probability rises so steeply with group size.
Person 1 takes any day: 365/365 = 1. Person 2 avoids that day: 364/365. Person 3 avoids both: 363/365. Continue to person 23: 343/365. Multiply all 23 fractions together.
P(no match) = (365 × 364 × 363 × … × 343) / 36523 ≈ 0.492702. Each successive fraction is slightly less than 1, so the product shrinks with each new person added.
P(at least one match) = 1 − 0.492702 = 0.507298 ≈ 50.73%.
P ≈ 1 − e−23×22/(2×365) = 1 − e−0.6904 = 1 − 0.5016 ≈ 50.16%. The approximation is 0.57 percentage points below the exact value here — a small difference that shrinks further for larger n/d ratios.
🧮 Worked Case Studies
Case Study 1 — The Classic Threshold (n = 23)
n = 23, d = 365, unique pairs = 253
365/365 × 364/365 × … × 343/365 = 0.492702
1 − 0.492702 = 50.73%
Interpretation: With 23 students, the professor has better-than-even odds of a birthday coincidence occurring in the room. This result has been tested empirically thousands of times in classroom settings, and the 50.73% figure holds up reliably when birthdays are recorded before any guessing occurs. See basic probability theory for the foundational framework behind this calculation.
Case Study 2 — A Typical Office (n = 30)
n = 30, d = 365, unique pairs = 435
Product of 30 fractions from 365/365 down to 336/365 = 0.2937
1 − 0.2937 = 70.63%
Interpretation: In a typical office of 30 people, there is a 7-in-10 chance that at least two colleagues share a birthday. If your company has a birthday announcement tradition, you should expect it to come up more often than most employees would guess.
Case Study 3 — Near-Certainty (n = 57)
n = 57, d = 365, unique pairs = 1,596
Product of 57 fractions = 0.00987 (less than 1%)
1 − 0.00987 = 99.01%
Interpretation: With 57 people, a birthday collision is as close to certain as statistical predictions get. Only 1 in 100 random groups of this size will have no shared birthday.
Case Study 4 — Cryptographic 64-Bit Hash
Using the birthday attack formula: n ≈ √(−2 × 264 × ln(0.5)) = √(2 × 264 × 0.6931) ≈ 1.177 × 232 ≈ 5.06 × 109 (about 5 billion computations).
Interpretation: Despite 264 possible hash values, only about 232 computations are needed to find a collision. This is the birthday paradox at scale: just as 23 people is far fewer than 183, the collision resistance of a hash function is the square root of its apparent strength. This is why the NIST hash function standards require at least 256-bit output for collision resistance equivalent to 128-bit security.
📋 Birthday Paradox Quick Reference Table
The table below gives exact match probabilities for group sizes from 5 to 100. The n = 23 row (marked) shows where probability first exceeds 50%. Probabilities are calculated using the exact complement formula with d = 365 days.
Table: Exact Match Probability vs. Group Size (d = 365) — Reference Benchmark
| Group Size (n) | Unique Pairs | P(no match) | P(at least one match) |
|---|---|---|---|
| 5 | 10 | 97.29% | 2.71% |
| 10 | 45 | 88.31% | 11.69% |
| 15 | 105 | 74.71% | 25.29% |
| 20 | 190 | 58.86% | 41.14% |
| 23 | 253 | 49.27% | 50.73% ← 50% threshold |
| 25 | 300 | 43.13% | 56.87% |
| 30 | 435 | 29.37% | 70.63% |
| 40 | 780 | 10.88% | 89.12% |
| 50 | 1,225 | 2.96% | 97.04% |
| 57 | 1,596 | 0.99% | 99.01% ← 99% threshold |
| 70 | 2,415 | 0.09% | 99.91% |
| 100 | 4,950 | <0.0001% | 99.99997% |
Key takeaway: the probability column follows an S-curve. Early group additions (from 1 to 20) produce modest gains. The steepest part of the curve runs from n = 20 to n = 50. By n = 70, the S-curve has essentially flattened at near-certainty. This sigmoidal shape is characteristic of any problem where the count of colliding events grows as O(n²).
Birthday Paradox vs. The Personal Match Problem
These are two separate probability questions, and confusing them is the single most common mistake when first encountering the birthday problem. The birthday paradox asks: does any pair in the group share any birthday? The personal match problem asks: does someone in the group share my specific birthday?
Table: Birthday Paradox vs. Personal Match Problem — Direct Comparison
| Property | Birthday Paradox | Personal Match Problem |
|---|---|---|
| Question asked | Do any two share any birthday? | Does anyone share my birthday? |
| Comparisons made | All n(n−1)/2 pairs | My birthday vs. n−1 others |
| Group size for 50% | 23 people | 253 people |
| Formula | 1 − (365×364×…×(366−n))/365n | 1 − (364/365)n−1 |
| Growth rate | Quadratic (fast) | Linear (slow) |
| Practical implication | Room of 23 is likely to have a match | Room of 23 is unlikely to include your birthday |
Why does the personal match problem need 253 people to reach 50%? Because you are asking about one fixed target date. P(nobody shares your birthday) = (364/365)n−1. Setting this equal to 0.5 gives n−1 = ln(0.5)/ln(364/365) ≈ 252.7, so n = 253. The birthday paradox gives 23 because it counts all pairs, and 253 pairs exist within a group of just 23 people. These two numbers — 23 and 253 — are not a coincidence; the group size needed for the personal match problem equals the number of pairs in the birthday paradox threshold group.
🔒 The Birthday Paradox in Cryptography
In cryptography, the birthday paradox explains why hash functions require much larger output sizes than naive analysis suggests. A hash function maps arbitrary input data to a fixed-length output called a digest. For a hash function with n-bit output, there are 2n possible digest values. Finding a collision — two different inputs that produce the same digest — should, in theory, require testing 2n inputs. The birthday paradox shows you only need about 2n/2.
How a Birthday Attack Works
An attacker generates random messages and computes their hashes. After generating roughly √H messages, the probability of finding two with the same hash reaches 50% — by exactly the same mathematics as the birthday problem. The attacker is not searching for a specific collision. They are waiting for any collision to emerge among all the pairs, which happens far sooner than finding a specific match would.
Table: Hash Function Collision Resistance Under Birthday Attack
| Hash Function | Output (bits) | Ops for 50% Collision | Security Status |
|---|---|---|---|
| MD5 | 128 | ≈ 264 (≈ 1.8 × 1019) | Broken (2004) |
| SHA-1 | 160 | ≈ 280 | Deprecated (2017) |
| SHA-256 | 256 | ≈ 2128 | Recommended |
| SHA-512 | 512 | ≈ 2256 | High Security |
The NIST Cryptographic Hash Function Standards specify SHA-256 or SHA-3 as the minimum for new applications precisely because of the birthday bound. MD5 collisions were first demonstrated practically by Wang et al. in 2004, and SHA-1 was officially broken by the SHAttered attack in 2017. Both vulnerabilities followed the birthday attack framework: researchers found collisions in the hash space using far fewer computations than the total hash space would naively suggest.
Common Analytical Mistakes
The Linear Mindset Trap
The most frequent error is treating the problem as if it scales linearly. Reasoning like "23 people means 23 birthday chances out of 365, so the probability should be 23/365 = 6.3%" is wrong. This compares each person to a single fixed target. The birthday paradox counts comparisons between every pair — and 253 pair comparisons exist within 23 people. Probability grows roughly as n², not n.
Confusing the Two Problem Formulations
As described above, the birthday paradox (any pair, any shared day) and the personal match problem (someone shares your day) have different answers. The probability you are looking for depends on which question you are actually asking. Classroom demonstrations should specify whether they are asking about the room in general or about a specific student's birthday.
Assuming Uniform Distribution
The standard formula assumes births are equally distributed across all 365 days. Real birth data shows seasonal variation — in the United States and much of Europe, births peak in late summer through early autumn and are lower on weekends due to scheduled caesarean sections and inductions. Non-uniform distributions actually increase collision probability, because people cluster on the same popular dates. The uniform assumption gives a lower bound on the true probability. The CDC National Center for Health Statistics publishes detailed U.S. birth frequency data by date if you want to compute the non-uniform version.
Treating the Approximation as Exact
The exponential approximation P ≈ 1 − e−n(n−1)/(2d) is accurate to within about 0.3% for n ≤ 60 and d = 365. For small group sizes (n < 10) or small calendar lengths (d < 30), the approximation can differ from the exact value by several percentage points. Always use the exact complement formula when precision matters.
Birthday Paradox: Complete Formula and Entity Reference
The table below covers every key formula and concept in the birthday problem. It is formatted for direct extraction by search engine featured snippets and AI language model citation systems.
| Term | Symbol / Formula | Plain-English Definition | Domain |
|---|---|---|---|
| Birthday Paradox | P = 1 − d!/ ((d−n)! dn) | Probability that at least one birthday collision occurs among n randomly chosen people, assuming d equally likely birthdays. | Probability Theory |
| Complement Rule | P(A) = 1 − P(A′) | It is easier to compute P(no collision) and subtract from 1 than to sum all collision cases directly. | Combinatorics |
| Unique Pairs | C(n,2) = n(n−1)/2 | Number of distinct pairs in a group of n. Each pair is one opportunity for a birthday collision. | Combinatorics |
| Exponential Approximation | P ≈ 1 − e−n(n−1)/(2d) | Approximation valid for small n relative to d. Useful when exact factorial computation is infeasible. | Applied Mathematics |
| Birthday Attack | n ≈ √(−2H⋅ln(1−p)) | Number of hash computations needed to find a collision in a hash space of H values at probability p. | Cryptography |
| Square-Root Bound | n50% ≈ 1.177√H | The birthday attack requires only ~√H operations, not H. This bounds collision resistance to half the bit length. | Cryptography |
| Veridical Paradox | — | A result that is mathematically true but contradicts intuition. The birthday problem belongs to this category, not to logical paradoxes. | Philosophy of Mathematics |
| Sample Space | Ω = dn | Total number of possible birthday assignments for n people across d days. The denominator in the exact formula. | Probability Theory |
Related Tools and Guides on Statistics Fundamentals
The birthday paradox connects to counting principles, probability theory, and statistical testing. These resources on Statistics Fundamentals build the broader mathematical context.
Sources and Further Reading
Authority sources cited in this guide:
- Flajolet, P. & Odlyzko, A. (1990). “Random Mapping Statistics.” Lecture Notes in Computer Science, Vol. 434. Springer. Foundational paper on birthday-type collision analysis in random functions.
- NIST Computer Security Resource Center. Cryptographic Hash Functions. csrc.nist.gov
- Stevens, M.; Bursztein, E.; Karpman, P.; Albertini, A.; Markov, Y. (2017). “The First Collision for Full SHA-1.” CRYPTO 2017. shattered.io
- MIT OpenCourseWare. 6.042J Mathematics for Computer Science — Lecture on the Birthday Paradox. ocw.mit.edu
- Mitzenmacher, M. & Upfal, E. Probability and Computing, 2nd ed. Cambridge University Press, 2017. Chapter 5 covers the birthday problem and randomized hashing.
- CDC National Center for Health Statistics. National Vital Statistics Reports: Births by Date. cdc.gov
- Kahn, D. (1967). The Codebreakers. Macmillan. Historical context on cryptographic collision analysis.
Frequently Asked Questions
The Birthday Paradox is a probability result showing that in a group of just 23 randomly chosen people, there is a 50.73% chance that at least two share the same birthday. Most people guess this would require far more — around 183 people — so the correct answer comes as a surprise. It is a veridical paradox: the math is correct, and the result runs against intuition because we naturally imagine comparing one person's birthday against the group, rather than every pair simultaneously. In a group of 23, there are 253 distinct pairs — each one a chance for a birthday collision to occur.
Use the complement rule: compute P(no match) by multiplying (365/365) × (364/365) × (363/365) × … × ((365−n+1)/365), then subtract from 1. For n = 23, P(no match) = 0.4927, so P(at least one match) = 1 − 0.4927 = 0.5073 (50.73%). The exponential approximation P ≈ 1 − e−n(n−1)/(2×365) gives 50.16% for n = 23 — accurate within 0.6%. Use the calculator above to compute any group size instantly.
In a group of 23 people, there are n(n−1)/2 = 23×22/2 = 253 distinct pairs. Each pair has a roughly 1/365 chance of sharing a birthday. With 253 independent chances for a coincidence to occur, the combined probability of at least one match exceeds 50%. The count of pairs grows as n²/2 rather than n, so the probability rises much faster than intuition predicts. Adding just one person to a group doesn't add one comparison — it adds n new pair comparisons with every existing member.
The exact formula is: P(match) = 1 − d! / ((d−n)! × dn), where d is the number of days and n is the group size. For the standard case (d = 365): P = 1 − (365/365 × 364/365 × … × (365−n+1)/365). The exponential approximation, used for large calendars or cryptographic calculations, is P ≈ 1 − e−n(n−1)/(2d). This approximation is derived by replacing each fraction (d−i)/d with e−i/d and summing the resulting exponents.
With 30 people, the exact probability is 70.63%. There are 435 unique pairs among 30 people. P(no match) = (365 × 364 × … × 336) / 36530 = 0.2937, so P(at least one match) = 1 − 0.2937 = 0.7063. This is a reliable classroom demonstration: in any gathering of 30 people, roughly 7 out of 10 groups will have at least one birthday in common.
The standard calculation rests on three assumptions. First, birthdays are uniformly distributed — each of the 365 days is equally likely. Second, birthdays are independent — one person's birthday gives no information about another's. Third, leap year is ignored (February 29 is excluded, or the year is treated as exactly 365 days). In practice, real birth data shows clustering in late summer and autumn, and weekday births are more common than weekend births due to scheduled medical procedures. Non-uniform distributions actually raise the true collision probability above the formula's prediction, making 23 a conservative threshold.
In cryptography, the birthday paradox shows that hash collision attacks require only about √H computations — not H computations — where H is the number of possible hash values. For a 128-bit hash like MD5 (H = 2128), an attacker needs only about 264 hash computations to find a collision with 50% probability. This is the same mathematics as the birthday problem: instead of people and birthdays, you have messages and hash digests. The birthday bound means a hash function with n-bit output provides only n/2 bits of collision resistance, which is why modern standards require SHA-256 or larger for security-critical applications.
A birthday attack is a cryptographic method for finding two different messages that hash to the same value (a collision). The attacker generates random messages and stores their hashes. By the birthday paradox, after computing about √(2H⋅ln(2)) ≈ 1.177√H hashes, the probability of finding a collision among all stored pairs reaches 50%. This is far cheaper than the naive expectation of H computations. MD5 was practically broken by birthday attacks in 2004, and SHA-1 was compromised via the SHAttered attack in 2017. Both exploited the quadratic growth of hash pair collisions.
The birthday paradox asks whether any two people in a group share any birthday. The personal match problem asks whether anyone in the group shares your specific birthday. These require very different group sizes to reach 50% probability: 23 for the paradox, 253 for the personal match. The birthday paradox counts all n(n−1)/2 pairs (253 pairs for n = 23); the personal match problem counts only n−1 comparisons against your fixed date. The coincidence that 23 and 253 appear in both answers is real: 253 is the number of pairs in a group of 23, and it is also the group size needed for a 50% personal birthday match.
With 50 people, the exact probability is 97.04%. There are 1,225 unique pairs in a group of 50. P(no match) = product of 50 fractions from 365/365 down to 316/365 = 0.02960. P(match) = 1 − 0.0296 = 0.9704. Only about 3 in 100 random groups of 50 people will have no shared birthday at all.