Internet Engineering Task Force (ietf) Updated Security Considerations for the Md5 Message-digest and the Hmac-md5 Algorithms

This document updates the security considerations for the MD5 message digest algorithm. It also updates the security considerations for HMAC-MD5.

[1]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[2]  Marshall T. Rose,et al.  Post Office Protocol: Version 3 , 1988, RFC.

[3]  Radha Poovendran,et al.  The AES-CMAC Algorithm , 2006, RFC.

[4]  Marc Stevens,et al.  Short Chosen-Prefix Collisions for MD5 and the Creation of a Rogue CA Certificate , 2009, CRYPTO.

[5]  Vlastimil Klíma,et al.  Tunnels in Hash Functions: MD5 Collisions Within a Minute , 2006, IACR Cryptol. ePrint Arch..

[6]  Hans Dobbertin Cryptanalysis of MD5 Compress , 1996 .

[7]  Marc Stevens,et al.  Chosen-Prefix Collisions for MD5 and Colliding X.509 Certificates for Different Identities , 2007, EUROCRYPT.

[8]  Marc Stevens,et al.  On Collisions for MD5 , 2007 .

[9]  Antoon Bosselaers,et al.  Collisions for the Compressin Function of MD5 , 1994, EUROCRYPT.

[10]  Marc Stevens,et al.  Chosen-prefix collisions for MD5 and applications , 2012, Int. J. Appl. Cryptogr..

[11]  Hugo Krawczyk,et al.  HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[12]  Gaëtan Leurent,et al.  Message Freedom in MD4 and MD5 Collisions: Application to APOP , 2007, FSE.

[13]  Gaëtan Leurent,et al.  Full Key-Recovery Attacks on HMAC/NMAC-MD4 and NMAC-MD5 , 2007, CRYPTO.

[14]  Paul E. Hoffman,et al.  Attacks on Cryptographic Hashes in Internet Protocols , 2005, RFC.

[15]  Yu Sasaki,et al.  Finding Preimages in Full MD5 Faster Than Exhaustive Search , 2009, EUROCRYPT.

[16]  Dengguo Feng,et al.  Collisions for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD , 2004, IACR Cryptol. ePrint Arch..

[17]  Magnus Nyström,et al.  Identifiers and Test Vectors for HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 , 2005, Request for Comments.

[18]  Elaine B. Barker,et al.  Recommendation for the Transitioning of Cryptographic Algorithms and Key Sizes , 2010 .

[19]  Robert Glenn,et al.  Test Cases for HMAC-MD5 and HMAC-SHA-1 , 1997, RFC.

[20]  Xiaoyun Wang,et al.  How to Break MD5 and Other Hash Functions , 2005, EUROCRYPT.

[21]  Scott Contini,et al.  Forgery and Partial Key-Recovery Attacks on HMAC and NMAC Using Hash Collisions , 2006, ASIACRYPT.

[22]  Wei Wang,et al.  Cryptanalysis on HMAC/NMAC-MD5 and MD5-MAC , 2009, EUROCRYPT.