Conference ProceedingsOPEN ACCESS

MD5 is weaker than weak: Attacks on concatenated combiners

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2009) 5912 LNCS 144-161
DOI: 10.1007/978-3-642-10366-7_9
19Citations
Citations of this article
46Readers
Mendeley users who have this article in their library.
Get full text

Abstract

We consider a long standing problem in cryptanalysis: attacks on hash function combiners. In this paper, we propose the first attack that allows collision attacks on combiners with a runtime below the birthday-bound of the smaller compression function. This answers an open question by Joux posed in 2004. As a concrete example we give such an attack on combiners with the widely used hash function MD5. The cryptanalytic technique we use combines a partial birthday phase with a differential inside-out technique, and may be of independent interest. This potentially reduces the effort for a collision attack on a combiner like MD5||SHA-1 for the first time. © 2009 Springer-Verlag.

Author supplied keywords

Cite

CITATION STYLE

APA

Mendel, F., Rechberger, C., & Schläffer, M. (2009). MD5 is weaker than weak: Attacks on concatenated combiners. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5912 LNCS, pp. 144–161). https://doi.org/10.1007/978-3-642-10366-7_9

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free