Implementation of MD5 Collision Attack in Program

Abstract

Md5 [1] has been widely used because of its irreversibility, but its security is also questionable. Since Professor Wang [2] pointed out that MD5 is unsafe, Md5 collision and various attack algorithms began to appear and were used in large quantities. In the paper of Bai Honghuan’s MD5 fast collision algorithm [3], the characteristics of MD5 collision were proposed, he pointed out that when the MD5 values of two different files are the same, the files are added with the same prefix, and their MD5 values are still the same. Similarly, when the same suffix is added, MD5 values is still the same, and a program is tested to verify the result. This paper first studies the principle of MD5 algorithm [4], then points out the process of MD5 collision through Fastcoll tool, and experiments on a simple C language program using Bai Honghuan’s method to verify that the program can be collided by MD5. So the method of double encryption or multiple encryption for this phenomenon, it is equivalent to adding two locks or more locks to the data. The data is first encrypted by sha-256 to obtain a hash value, and then Md5 encryption is performed on the hash value. This method does not change the fact that MD5 can be collided and attacked, but in this case it will increase the difficulty of generating two different programs with the same MD5 value through the MD5 prefix attack. In the current situation, the possibility of SHA-256 being cracked is small. When the MD5 value (SHA-256 of the modified program) is collided, but if program is changed, the SHA-256 value is also modified, finally the MD5 value will be different. According to this conclusion, if data is complex encrypted multiple times by SHA-256 and MD5, it will be more difficult to crack.