In this paper, we propose an extension of the APOP attack that recovers the first 31 characters of APOP password in practical time, and theoretically recovers 61 characters. We have implemented our attack, and have confirmed that 31 characters can be successfully recovered. Therefore, the security of APOP is completely broken. The core of our new technique is finding collisions for MD5 which are more suitable for the recovery of APOP passwords. These collisions are constructed by employing the collision attack of den Boer and Bosselares and by developing a new technique named "IV Bridge" which is an important step to satisfy the basic requirements of the collision finding phase. We show that the construction of this "IV Bridge" can be done efficiently as well. © 2008 Springer-Verlag Berlin Heidelberg.
CITATION STYLE
Sasaki, Y., Wang, L., Ohta, K., & Kunihiro, N. (2008). Security of MD5 challenge and response: Extension of APOP password recovery attack. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4964 LNCS, pp. 1–18). https://doi.org/10.1007/978-3-540-79263-5_1
Mendeley helps you to discover research relevant for your work.