Difference between revisions of "MD5"
From The ECRYPT Hash Function Website
Mschlaeffer (talk | contribs) |
Mlamberger (talk | contribs) (→Collision Attacks) |
||
| Line 21: | Line 21: | ||
=== Collision Attacks === | === Collision Attacks === | ||
| + | |||
| + | <bibtex> | ||
| + | @inproceedings{eurocryptStevensLW07, | ||
| + | author = {Marc Stevens and Arjen K. Lenstra and Benne de Weger}, | ||
| + | title = {Chosen-Prefix Collisions for MD5 and Colliding X.509 Certificates for Different Identities}, | ||
| + | booktitle = {EUROCRYPT}, | ||
| + | year = {2007}, | ||
| + | pages = {1-22}, | ||
| + | abstract = {We present a novel, automated way to find differential paths for MD5. As an application we have shown how, at an approximate expected cost of 250 calls to the MD5 compression function, for any two chosen message prefixes P and P′, suffixes S and S′ can be constructed such that the concatenated values P||S and P′||S′ collide under MD5. Although the practical attack potential of this construction of chosen-prefix collisions is limited, it is of greater concern than random collisions for MD5. To illustrate the practicality of our method, we constructed two MD5 based X.509 certificates with identical signatures but different public keys and different Distinguished Name fields, whereas our previous construction of colliding X.509 certificates required identical name fields. We speculate on other possibilities for abusing chosen-prefix collisions. More details than can be included here can be found on www.win.tue.nl/hashclash/ChosenPrefixCollisions/.}, | ||
| + | editor = {Moni Naor}, | ||
| + | volume = {4515}, | ||
| + | series = {LNCS}, | ||
| + | publisher = {Springer}, | ||
| + | isbn = {978-3-540-72539-8}, | ||
| + | url = {http://dx.doi.org/10.1007/978-3-540-72540-4_1}, | ||
| + | } | ||
| + | </bibtex> | ||
<bibtex> | <bibtex> | ||
Revision as of 12:12, 11 March 2008
Contents
1 Specification
2 Cryptanalysis
2.1 Best Known Results
2.2 Generic Attacks
2.3 Collision Attacks
Marc Stevens, Arjen K. Lenstra, Benne de Weger - Chosen-Prefix Collisions for MD5 and Colliding X.509 Certificates for Different Identities
- EUROCRYPT 4515:1-22,2007
- http://dx.doi.org/10.1007/978-3-540-72540-4_1
BibtexAuthor : Marc Stevens, Arjen K. Lenstra, Benne de Weger
Title : Chosen-Prefix Collisions for MD5 and Colliding X.509 Certificates for Different Identities
In : EUROCRYPT -
Address :
Date : 2007
Xiaoyun Wang, Hongbo Yu - How to Break MD5 and Other Hash Functions
- EUROCRYPT 3494:19-35,2005
- http://dx.doi.org/10.1007/11426639_2
BibtexAuthor : Xiaoyun Wang, Hongbo Yu
Title : How to Break MD5 and Other Hash Functions
In : EUROCRYPT -
Address :
Date : 2005
Bert den Boer, Antoon Bosselaers - Collisions for the Compression Function of MD5
- EUROCRYPT pp. 293-304,1993
- http://link.springer.de/link/service/series/0558/bibs/0765/07650293.htm
BibtexAuthor : Bert den Boer, Antoon Bosselaers
Title : Collisions for the Compression Function of MD5
In : EUROCRYPT -
Address :
Date : 1993
Thomas A. Berson - Differential Cryptanalysis Mod 2^32 with Applications to MD5
- EUROCRYPT pp. 71-80,1992
- http://link.springer.de/link/service/series/0558/bibs/0658/06580071.htm
BibtexAuthor : Thomas A. Berson
Title : Differential Cryptanalysis Mod 2^32 with Applications to MD5
In : EUROCRYPT -
Address :
Date : 1992
2.4 Second Preimage Attacks
2.5 Preimage Attacks
2.6 Others
John Black, Martin Cochran, Trevor Highland - A Study of the MD5 Attacks: Insights and Improvements
