Message Freedom in MD4 and MD5 Collisions: Application to APOP

14 years 5 months ago

Download www.eleves.ens.fr

Abstract. In Wang’s attack, message modiﬁcations allow to deterministically satisfy certain suﬃcient conditions to ﬁnd collisions eﬃciently. Unfortunately, message modiﬁcations signiﬁcantly change the messages and one has little control over the colliding blocks. In this paper, we show how to choose some part of the messages which collide. Consequently, we break a security countermeasure proposed by Szydlo and Yin at CT-RSA ’06, where they added a ﬁxed padding at the end of each block. Furthermore, we also apply this technique to partially recover the passwords in the Authentication Protocol of the Post Oﬃce Protocol (POP). This shows that collision attacks can be used to attack real protocols, which means that ﬁnding collisions is a real threat. Key words: Hash function, MD4, MD5, Wang, message modiﬁcation for meaningful collisions, APOP security

Gaëtan Leurent

Real-time Traffic

Certain Suﬃcient Conditions | Collisions | Cryptography | FSE 2007 | Message Modiﬁcation |

claim paper

Post Info
More Details (n/a)

Added	07 Jun 2010
Updated	07 Jun 2010
Type	Conference
Year	2007
Where	FSE
Authors	Gaëtan Leurent

Comments (0)

Sciweavers

Message Freedom in MD4 and MD5 Collisions: Application to APOP

Certain Suﬃcient Conditions | Collisions | Cryptography | FSE 2007 | Message Modiﬁcation |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers