Musings on the Wang et al. MD5 Collision (original) (raw)

Paper 2004/264

Musings on the Wang et al. MD5 Collision

Philip Hawkes, Michael Paddon, and Gregory G. Rose

Abstract

Wang et al. caused great excitement at CRYPTO2004 when they announced a collision for MD5~\cite{R92_MD5}. This paper is examines the internal differences and conditions required for the attack to be successful. There are a large number of conditions that must be satisfied, thus indicating Wang at al. have found a clever way to generate message pairs for which the conditions are satisfied. The large number of conditions suggests that an attacker cannot use these differentials to cause second pre-image attacks with complexity less than generic attacks. Initial examination also suggests that an attacker cannot cause such collisions for HMAC-MD5 with complexity less than generic attacks.

Note: Disclaimer: This document notes some observations of the authors regarding the collisions generated by Wang et al.. We do not claim to have any new discoveries in this paper. However, we hope that this paper provides a useful explanation until the time when Wang et al. publish a detailed analysis of their discoveries.

BibTeX

@misc{cryptoeprint:2004/264, author = {Philip Hawkes and Michael Paddon and Gregory G. Rose}, title = {Musings on the Wang et al. {MD5} Collision}, howpublished = {Cryptology {ePrint} Archive, Paper 2004/264}, year = {2004}, url = {https://eprint.iacr.org/2004/264} }