Practical Attacks on Digital Signatures Using MD5 Message Digest
نویسنده
چکیده
We use the knowledge of the single MD5 collision published by Wang et al. [2] to show an example of a pair of binary self-extract packages with equal MD5 checksums, whereas resulting extracted contracts have fundamentally different meaning. Secondly, we demonstrate how an attacker could create custom pair of such packages containing files arbitrarily chosen by the attacker with equal MD5 sums where each of the package extracts different file. Once the algorithm for finding MD5 collisions is published, attack could be made even more effective as we explain further. Authors of [2] claim to know such algorithm for any MD5 initialization vector. A real-world scenario of such attack is outlined. Finally, we point out the consequences resulting from such attack for signature schemes based on MD5 message digest on an example using GPG.
منابع مشابه
C Ryptanalyzing of M Essage D Igest a Lgorithms Md 4 And
Hash functions are tools used in integrity of messages, digital signatures and digital time stamping. Message digest algorithms started with public key cryptography for authentication. Digest algorithms compute some hash functions, which are message digest values based on a simple set of primitive operations of 32-bit words. Among the digest algorithms MD4 and MD5 are most popular. Both these a...
متن کاملConnection: close Content-Type: text/plain Internet Draft Expires 11/5/97 RSA Laboratories Status of this Memo
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." To learn the current status of any Internet-Draft, please check the "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow D...
متن کاملA secured Cryptographic Hashing Algorithm
Cryptographic hash functions for calculating the message digest of a message has been in practical use as an effective measure to maintain message integrity since a few decades. This message digest is unique, irreversible and avoids all types of collisions for any given input string. The message digest calculated from this algorithm is propagated in the communication medium along with the origi...
متن کاملA Secure Hash Function MD-192 With Modified Message Expansion
Cryptographic hash functions play a central role in cryptography. Hash functions were introduced in cryptology to provide message integrity and authentication. MD5, SHA1 and RIPEMD are among the most commonly used message digest algorithm. Recently proposed attacks on well known and widely used hash functions motivate a design of new stronger hash function. In this paper a new approach is prese...
متن کاملPKCS # 1 : RSA Encryption Standard
This standard describes a method for encrypting data using the RSA public-key cryp-tosystem [1]. Its intended use is in the construction of digital signatures and digital envelopes , as described in PKCS #7 [2]: • For digital signatures, the content to be signed is first reduced to a message digest with a message-digest algorithm (such as MD5 [3]), and then an octet string containing the messag...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2004 شماره
صفحات -
تاریخ انتشار 2004