Finding MD5 Collisions on a Notebook PC Using Multi-message Modifications

In this paper, we summarize the results achieved during our brief three months long research on collisions of the MD5 hash function. Being inspired by the results announced by Wang et al. [1] we independently developed methods for finding collisions which work for any initialization value and which are quicker than the methods presented in [1, 8]. It enables us to find a MD5 collision on a standard notebook PC roughly in 8 hours [7]. Independently on [1, 8], we discovered and propose several multi-message modification methods, which are more effective than methods described in [1, 8]. We show their principle.

[1]  Dan Kaminsky,et al.  MD5 To Be Considered Harmful Someday , 2004, IACR Cryptol. ePrint Arch..

[2]  Vlastimil Klíma Finding MD5 Collisions - a Toy For a Notebook , 2005, IACR Cryptol. ePrint Arch..

[3]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[4]  Ondrej Mikle,et al.  Practical Attacks on Digital Signatures Using MD5 Message Digest , 2004, IACR Cryptol. ePrint Arch..

[5]  Hui Chen,et al.  Cryptanalysis of the Hash Functions MD4 and RIPEMD , 2005, EUROCRYPT.

[6]  Xiaoyun Wang,et al.  Colliding X.509 Certificates , 2005, IACR Cryptol. ePrint Arch..

[7]  Dengguo Feng,et al.  Collisions for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD , 2004, IACR Cryptol. ePrint Arch..

[8]  Philip Hawkes,et al.  Musings on the Wang et al. MD5 Collision , 2004, IACR Cryptol. ePrint Arch..

[9]  Xiaoyun Wang,et al.  How to Break MD5 and Other Hash Functions , 2005, EUROCRYPT.