I thought (perhaps) this may be of interest - Forwarded message:
Newsgroups: sci.crypt Subject: Re: Error in RFC1 321 (MD5) ? Date: 18 Oct 93 09:10:29 Organization: RSA Data Security, Inc. Lines: 27 Distribution: world Message-ID: <BURT.93Oct18091029@chirality.rsa.com> References: <29u8jqINNn0s@umbc7.umbc.edu> NNTP-Posting-Host: chirality.rsa.com In-reply-to: olson@umbc.edu's message of 18 Oct 1993 10:18:34 -0400
In article <29u8jqINNn0s@umbc7.umbc.edu> olson@umbc.edu (Bryan G. Olson) writes:
I just ftp'd RFC 1321 ( MD5 Message-Digest Algorithm ) from rsa.com, and I believe there is a minor error in the specification of the algorithm.
On page 5, the four operations used in the four rounds are defined, and the operations for round 3 and 4 seem to have mis-matched parameter names. Specifically from page 5:
[...]
/* Round 3. */ /* Let [abcd k s t] denote the operation a = b + ((a + H(b,c,d) + X[k] + T[i]) <<< s). */ /* Do the following 16 operations. */
[...]
/* Round 4. */ /* Let [abcd k s t] denote the operation a = b + ((a + I(b,c,d) + X[k] + T[i]) <<< s). */ /* Do the following 16 operations. */
[...]
Yes, the 't' should be an 'i'. Not a major source of confusion, but something that should be noted and corrected.
-- Burt Kaliski RSA Laboratories
_____________________________________________________________________________ Paul Ferguson Mindbank Consulting Group fergp@sytex.com Fairfax, Virginia USA ferguson@icp.net