Abstract
MD5 is a well-known and widely-used cryptographic hash function. It has received renewed attention from researchers subsequent to the recent announcement of collisions found by Wang et al. [16]. To date, however, the method used by researchers in this work has been fairly difficult to grasp.
In this paper we conduct a study of all attacks on MD5 starting from Wang. We explain the techniques used by her team, give insights on how to improve these techniques, and use these insights to produce an even faster attack on MD5. Additionally, we provide an “MD5 Toolkit” implementing these improvements that we hope will serve as an open-source platform for further research.
Our hope is that a better understanding of these attacks will lead to a better understanding of our current collection of hash functions, what their strengths and weaknesses are, and where we should direct future efforts in order to produce even stronger primitives.
References
1. Black, J., Cochran, M., Highland, T.: A study of the MD5 attacks: Insights and improvements (full version). Manuscript available at http://www.cs.colorado.edu/~jrblack/papers.html
2. Damgård, I.: A design principle for hash functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 416–427. Springer, Heidelberg (1990)
3. Daum, M.: Cryptanalysis of hash functions of the MD4 family. Dissertation, available at http://www.cits.rub.de/imperia/md/content/magnus/dissmd4.pdf
4. den Boer, B., Bosselaers, A.: Collisions for the compression function of MD5. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 293–304. Springer, Heidelberg (1994)
5. Dobbertin, H.: Cryptanalysis of MD5 compress. Presented at the rump session of EUROCRYPT 1996 (1996)
6. Hawkes, P., Paddon, M., Rose, G.G.: Musings on the Wang et al. MD5 collision (October 2004). See http://eprint.iacr.org/2004/264
7. Klima, V.: Tunnels in hash functions: MD5 collisions within a minute. See http://eprint.iacr.org/2006/105
8. Klima, V.: Finding MD5 collisions: A toy for a notebook (March 2005). See http://eprint.iacr.org/2005/075
9. Klima, V.: Finding MD5 collisions on a notebook PC using multi-message modifications. In: International Scientific Conference Security and Protection of Information (May 2005)
10. Merkle, R.C.: One way hash functions and DES. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 428–446. Springer, Heidelberg (1990)
11. Rivest, R.: The MD5 message-digest algorithm. RFC 1321 (April 1992)
12. Rogaway, P., Shrimpton, T.: Cryptographic hash-function basics: Definitions, implications and separations for preimage resistance, second-preimage resistance, and collision resistance. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 371–388. Springer, Heidelberg (2004)
13. Stach, P., Liu, V.: MD5 collision generation. Code, available at http://www.stachliu.com/collisions.html
14. Stevens, M.: HashClash. See http://www.win.tue.nl/hashclash/
15. Wang, X., Lai, X., Feng, D., Chen, H., Yu, X.: Cryptanalysis of the hash functions MD4 and RIPEMD. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 1–18. Springer, Heidelberg (2005)
16. Wang, X., Yu, H.: How to break MD5 and other hash functions. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19–35. Springer, Heidelberg (2005)
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
Cite this paper
Black, J., Cochran, M., Highland, T. (2006). A Study of the MD5 Attacks: Insights and Improvements. In: Robshaw, M. (eds) Fast Software Encryption. FSE 2006. Lecture Notes in Computer Science, vol 4047. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11799313_17
DOI: https://doi.org/10.1007/11799313_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-36597-6
Online ISBN: 978-3-540-36598-3
eBook Packages: Computer Science (R0)