Difference between revisions of "MD2"
From The ECRYPT Hash Function Website
(→Collision Attacks) |
(→Specification) |
||
(2 intermediate revisions by one other user not shown) | |||
Line 1: | Line 1: | ||
== Specification == | == Specification == | ||
+ | |||
+ | * digest size: 128 bits | ||
<!-- | <!-- | ||
− | |||
* max. message length: < 2<sup>64</sup> bits | * max. message length: < 2<sup>64</sup> bits | ||
− | |||
− | |||
--> | --> | ||
+ | * compression function: 128-bit message block, 7296-bit internal state | ||
+ | * Specification: [http://www.ietf.org/rfc/rfc1319.txt RFC1319] | ||
== Cryptanalysis == | == Cryptanalysis == | ||
Line 16: | Line 17: | ||
=== Generic Attacks === | === Generic Attacks === | ||
− | * [[ | + | * MD2 is not a design follwing the Merkle-Damgaard construction principle. [[GenericAttacksHash| Generic Attacks on Hash Functions]] |
---- | ---- |
Latest revision as of 09:53, 12 March 2008
Contents
1 Specification
- digest size: 128 bits
- compression function: 128-bit message block, 7296-bit internal state
- Specification: RFC1319
2 Cryptanalysis
2.1 Best Known Results
2.2 Generic Attacks
- MD2 is not a design follwing the Merkle-Damgaard construction principle. Generic Attacks on Hash Functions
2.3 Collision Attacks
Lars R. Knudsen, John Erik Mathiassen - Preimage and Collision Attacks on MD2
- FSE 3557:255-267,2005
- http://dx.doi.org/10.1007/11502760_17
BibtexAuthor : Lars R. Knudsen, John Erik Mathiassen
Title : Preimage and Collision Attacks on MD2
In : FSE -
Address :
Date : 2005
2.4 Second Preimage Attacks
2.5 Preimage Attacks
Fr\'ed\'eric Muller - The MD2 Hash Function Is Not One-Way
- ASIACRYPT 3329:214-229,2004
- http://springerlink.metapress.com/openurl.asp?genre=article{\&}issn=0302-9743{\&}volume=3329{\&}spage=214
BibtexAuthor : Fr\'ed\'eric Muller
Title : The MD2 Hash Function Is Not One-Way
In : ASIACRYPT -
Address :
Date : 2004
2.6 Others
N. Rogier, Pascal Chauvaud - MD2 Is not Secure without the Checksum Byte