Paper 2007/101

Practical Password Recovery on an MD5 Challenge and Response

Yu Sasaki, Go Yamamoto, and Kazumaro Aoki

Abstract

This paper shows an attack against APOP protocol which is a challenge-and-response protocol. We utilize the Wang's attack to make collisions in MD5, and apply it to APOP protocol. We confirmed that the first 3 octets of secret key can be recovered by several hundred queries under the man-in-the-middle environment.

Metadata
Available format(s)
PDF PS
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
APOPMD5collision
Contact author(s)
maro @ isl ntt co jp
History
2007-03-22: received
Short URL
https://ia.cr/2007/101
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2007/101,
      author = {Yu Sasaki and Go Yamamoto and Kazumaro Aoki},
      title = {Practical Password Recovery on an MD5 Challenge and Response},
      howpublished = {Cryptology ePrint Archive, Paper 2007/101},
      year = {2007},
      note = {\url{https://eprint.iacr.org/2007/101}},
      url = {https://eprint.iacr.org/2007/101}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.