An Attack on the Last Two Rounds of MD4 (1991) [27 citations — 2 self]

Download:
ftp://ftp.esat.kuleuven.ac.be/pub/cosic/bosselae/m
DBLP
CACHED:

by Bert den Boer , Antoon Bosselaers

Add To MetaCart

Popular Tags

No tags have been applied to this document.

BibTeX | Add To MetaCart

@MISC{Boer91anattack,
    author = {Bert den Boer and Antoon Bosselaers},
    title = {An Attack on the Last Two Rounds of MD4},
    year = {1991}
}

Bookmarks

OpenURL

Abstract:

In [Rive90] the MD4 message digest algorithm was introduced taking an input message of arbitrary length and producing an output 128-bit message digest. It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or to produce any message having a given prespecified target message. In this paper it is shown that if the three round MD4 algorithm is stripped of its first round, it is possible to find for a given (initial) input value two different messages hashing to the same output. A computer program implementing this attack takes about 1 millisecond on a 16 Mhz IBM PS/2 to find such a collision. 1 Introduction The MD4 Message Digest Algorithm, by Ronald L. Rivest and RSA Data Security, Inc., is intended for file hashing: it accepts arbitrarily large inputs and produces an output of 128 bits. It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or to produce any message having ...

Citations

No citations identified.

View or Download | Add to My Collection | Correct Errors