Preimage Attacks on Step-Reduced MD5

Sasaki, Yu; Aoki, Kazumaro

doi:10.1007/978-3-540-70500-0_21

Preimage Attacks on Step-Reduced MD5

Yu Sasaki¹ &
Kazumaro Aoki¹

Conference paper

1150 Accesses
16 Citations

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5107))

Abstract

In this paper, we propose preimage attacks on step-reduced MD5. We show that a preimage of a 44-step MD5 can be computed to a complexity of 2⁹⁶. We also consider a preimage attack against variants of MD5 where the round order is modified from the real MD5. In such a case, a preimage of a 51-step round-reordered MD5 can be computed to a complexity of 2⁹⁶. Our attack uses “local collisions” of MD5 to create a degree of message freedom. This freedom enables us to match the two 128-bit intermediate values efficiently.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Aumasson, J.-P., Meier, W., Mendel, F.: Preimage Attacks on 3-Pass HAVAL and Step-Reduced MD5. Cryptology ePrint Archive, Report 2008/183, http://eprint.iacr.org/2008/183.pdf
Black, J., Cochran, M., Highland, T.: A Study of the MD5 Attacks: Insights and Improvements. In: Robshaw, M.J.B. (ed.) FSE 2006. LNCS, vol. 4047, pp. 262–277. Springer, Heidelberg (2006)
Chapter Google Scholar
den Boer, B., Bosselaers, A.: Collisions for the Compression Function of MD5. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 293–304. Springer, Heidelberg (1994)
Google Scholar
De, D., Kumarasubramanian, A., Venkatesan, R.: Inversion Attacks on Secure Hash Functions Using SAT Solvers. In: Marques-Silva, J., Sakallah, K.A. (eds.) SAT 2007. LNCS, vol. 4501, pp. 377–382. Springer, Heidelberg (2007)
Chapter Google Scholar
Dobbertin, H.: The First Two Rounds of MD4 are Not One-Way. In: Vaudenay, S. (ed.) FSE 1998. LNCS, vol. 1372, pp. 284–292. Springer, Heidelberg (1998)
Chapter Google Scholar
Dobbertin, H.: Cryptanalysis of MD5 compress. In: Announcement at the Rump session of Eyrocrypt 1996 (1996)
Google Scholar
Dobbertin, H.: The Status of MD5 After a Recent Attack. CryptoBytes The technical newsletter of RSA Laboratories, a division of RSA Data Security, Inc. 2(2), Summer 1996 (1996)
Google Scholar
Joux, A.: Multicollisions in Iterated Hash Functions. Applications to Cascaded Constructions. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 306–316. Springer, Heidelberg (2004)
Google Scholar
Klima, V.: Tunnels in Hash Functions: MD5 Collisions Within a Minute. Cryptology ePrint Archive, Report 2006/105, http://eprint.iacr.org/2006/105.pdf
Knudsen, L.R., Mathiassen, J.E.: Preimage and Collision Attacks on MD2. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 255–267. Springer, Heidelberg (2005)
Google Scholar
Kuwakado, H., Tanaka, H.: New Algorithm for Finding Preimages in a Reduced Version of the MD4 Compression Function. IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences E83-A(1), 97–100 (2000)
Google Scholar
Leurent, G.: MD4 is Not One-Way. In: Preproceedings of Fast Software Encryption - FSE 2008 (2008)
Google Scholar
Liang, J., Lai, X.: Improved Collision Attack on Hash Function MD5. Journal of Computer Science and Technology 22(1), 79–87 (2007)
Article Google Scholar
Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of applied cryptography. CRC Press, Boca Raton (1997)
MATH Google Scholar
Muller, F.: The MD2 Hash Function Is Not One-Way. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 214–229. Springer, Heidelberg (2004)
Google Scholar
Rivest, R.L.: The MD5 Message Digest Algorithm. RFC 1321 (April 1992), http://www.ietf.org/rfc/rfc1321.txt
Rogaway, P.: Formalizing human ignorance. In: Nguyên, P.Q. (ed.) VIETCRYPT 2006. LNCS, vol. 4341, pp. 211–228. Springer, Heidelberg (2006)
Chapter Google Scholar
Sasaki, Y., Naito, Y., Kunihiro, N., Ohta, K.: Improved Collision Attacks on MD4 and MD5. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E90-A(1), 36–47 (2007)
Article Google Scholar
Wang, X., Yu, H.: How to Break MD5 and Other Hash Functions. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19–25. Springer, Heidelberg (2005)
Google Scholar
Yu, H., Wang, X.: Multi-collision Attack on the Compression Functions of MD4 and 3-Pass HAVAL. In: Nam, K.-H., Rhee, G. (eds.) ICISC 2007. LNCS, vol. 4817, pp. 206–226. Springer, Heidelberg (2007)
Chapter Google Scholar

Download references

Author information

Authors and Affiliations

NTT Information Sharing Platform Laboratories, NTT Corporation, , 3-9-11 Midoricho, Musashino-shi, Tokyo, 180-8585, Japan
Yu Sasaki & Kazumaro Aoki

Authors

Yu Sasaki
View author publications
You can also search for this author in PubMed Google Scholar
Kazumaro Aoki
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Yi Mu Willy Susilo Jennifer Seberry

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Sasaki, Y., Aoki, K. (2008). Preimage Attacks on Step-Reduced MD5. In: Mu, Y., Susilo, W., Seberry, J. (eds) Information Security and Privacy. ACISP 2008. Lecture Notes in Computer Science, vol 5107. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-70500-0_21

Download citation

DOI: https://doi.org/10.1007/978-3-540-70500-0_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69971-2
Online ISBN: 978-3-540-70500-0
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics