Paper 2004/264

Musings on the Wang et al. MD5 Collision

Philip Hawkes, Michael Paddon, and Gregory G. Rose

Abstract

Wang et al. caused great excitement at CRYPTO2004 when they announced a collision for MD5~\cite{R92_MD5}. This paper is examines the internal differences and conditions required for the attack to be successful. There are a large number of conditions that must be satisfied, thus indicating Wang at al. have found a clever way to generate message pairs for which the conditions are satisfied. The large number of conditions suggests that an attacker cannot use these differentials to cause second pre-image attacks with complexity less than generic attacks. Initial examination also suggests that an attacker cannot cause such collisions for HMAC-MD5 with complexity less than generic attacks.

Note: Disclaimer: This document notes some observations of the authors regarding the collisions generated by Wang et al.. We do not claim to have any new discoveries in this paper. However, we hope that this paper provides a useful explanation until the time when Wang et al. publish a detailed analysis of their discoveries.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
hash functionscryptanalysis
Contact author(s)
phawkes @ qualcomm com
History
2004-10-14: received
Short URL
https://ia.cr/2004/264
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2004/264,
      author = {Philip Hawkes and Michael Paddon and Gregory  G.  Rose},
      title = {Musings on the Wang  et al. MD5 Collision},
      howpublished = {Cryptology ePrint Archive, Paper 2004/264},
      year = {2004},
      note = {\url{https://eprint.iacr.org/2004/264}},
      url = {https://eprint.iacr.org/2004/264}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.