MD5 collision method published
Anonymous
cripto at ecn.org
Fri Mar 11 11:09:26 PST 2005
At last, the secret of how to make MD5 collisions is out!
See http://cryptography.hyperlink.cz/MD5_collisions.html. This includes
the Wang report, probably the one which will be presented at Eurocrypt:
http://www.infosec.sdu.edu.cn/paper/md5-attack.pdf.
As a bonus, it includes an independent reconstruction of the attack by
Vlastimil Klima, http://cryptography.hyperlink.cz/md5/MD5_collisions.pdf.
The attack has two parts: finding a first block which almost collides,
then finding a second block which eliminates the differences left after
the first block. Klima claims that his method is much faster for the
first part, taking only 2 minutes compared to an hour for the Wang method.
However he was not able to match the Wang performance for the second part;
his method is 80 times slower for that. He predicts:
"It may be expected that after publishing the Chinese method the overall
time for finding a complete collision can fall down to as less as 2
minutes on a PC notebook."
Well, now Wang has published her method, linked there on Klima's web site,
and so it should be possible in principle to put them both together.
No source code is published, but we can create it from the papers.
I guess I know what I'll be hacking on this weekend!
More information about the cypherpunks-legacy
mailing list