MD4

From The ECRYPT Hash Function Website
Revision as of 19:47, 10 March 2008 by Tnad (talk | contribs) (Collision Attacks)

1 Specification

  • digest size: 128 bits
  • max. message length: < 264 bits
  • compression function: 512-bit message block, 128-bit chaining variable
  • Specification:

2 Cryptanalysis

2.1 Best Known Results


2.2 Generic Attacks


2.3 Collision Attacks

Hans Dobbertin - Cryptanalysis of MD4

J. Cryptology 11(4):253-271,1998
http://link.springer.de/link/service/journals/00145/bibs/11n4p253.html
Bibtex
Author : Hans Dobbertin
Title : Cryptanalysis of MD4
In : J. Cryptology -
Address :
Date : 1998

Hans Dobbertin - Cryptanalysis of MD4

FSE 1039:53-69,1996
http://dx.doi.org/10.1007/s001459900047
Bibtex
Author : Hans Dobbertin
Title : Cryptanalysis of MD4
In : FSE -
Address :
Date : 1996

Serge Vaudenay - On the Need for Multipermutations: Cryptanalysis of MD4 and SAFER

FSE 1008:286-297,1995
http://dx.doi.org/10.1007/3-540-60590-8_22
Bibtex
Author : Serge Vaudenay
Title : On the Need for Multipermutations: Cryptanalysis of MD4 and SAFER
In : FSE -
Address :
Date : 1995

2.4 Second Preimage Attacks

Hans Dobbertin - The First Two Rounds of MD4 are Not One-Way

FSE 1372:284-292,1998
http://dx.doi.org/10.1007/3-540-69710-1_19
Bibtex
Author : Hans Dobbertin
Title : The First Two Rounds of MD4 are Not One-Way
In : FSE -
Address :
Date : 1998

2.5 Preimage Attacks


2.6 Others