It takes just 23 people for a shared birthday to be likely

Gather 23 people at random and there is a 50.7% chance that at least two share a birthday. Push the group to 57 people and the probability climbs to about 99%. With 365 possible birthdays, that feels far too low — which is why it’s called the birthday paradox.

The trick to the math is to count the opposite event. Instead of chasing every way a match could happen, compute the chance of no match: the first person can have any birthday, the second must dodge it (364/365), the third must dodge both (363/365), and so on down to 343/365 for the twenty-third. Multiply that chain and you get roughly 0.493 — so the chance of at least one shared birthday is about 1 − 0.493 = 50.7%.

Among 23 people there are 22 + 21 + … + 1 = 253 possible pairs.

What fools intuition is the question you think you’re asking. Matching your specific birthday is genuinely hard — you’d need about 253 people for even odds. But the room asks about any pair, and 23 people already make 253 pairs, each a fresh chance for a collision.

The same math underwrites cryptography. A birthday attack finds two inputs with the same hash in roughly the square root of the output space — about 2^(n/2) tries for an n-bit hash. That square-root shortcut is precisely why a hash like SHA-256 must be twice as long as its target security level.