Security of MD5 challenge and response: Extension of APOP password recovery attack

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 4964 LNCS, Issue , 2008, Pages 1-18

  Sasaki, Yu ^a   Wang, Lei ^b   Ohta, Kazuo ^b   Kunihiro, Noboru ^b  

^a NTT CORPORATION   (Japan)

^b UNIVERSITY OF ELECTRO COMMUNICATIONS   (Japan)

Author keywords

APOP; Challenge and response; Collision attack; Hash function; MD5; Message difference; Password recovery

Indexed keywords

COMPUTER CRIME; COMPUTER SYSTEM RECOVERY; CRYPTOGRAPHY; MESSAGE PASSING; SECURITY SYSTEMS;

APOP; CHALLENGE AND RESPONSE; COLLISION ATTACK; HASH FUNCTIONS; MD5; MESSAGE DIFFERENCE; PASSWORD RECOVERY;

SECURITY OF DATA;

EID: 43149097854     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-540-79263-5_1     Document Type: Conference Paper

References (21)

1. Black, J., Cochran, M., Highland, T.: A Study of the MD5 Attacks: Insights and Improvements. In: Robshaw, M.J.B. (ed.) FSE 2006. LNCS, vol. 4047, pp. 262-277. Springer, Heidelberg (2006)
2. den Boer, B., Bosselaers, A.: Collisions for the Compression Function of MD5. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 293-304. Springer, Heidelberg (1994)
3. Contini, S., Yin, Y.L.: Forgery and partial key-recovery attacks on HMAC and NMAC using hash collisions. In: Lai, X., Chen, K. (eds.) ASlACRYPT 2006. LNCS, vol. 4284, pp. 37-53. Springer, Heidelberg (2006)
4. Daum, M., Lucks, S.: Hash Collisions (The Poisoned Message Attack) The Story of Alice and her Boss. In: Eurocrypt 2005 (2005). http://th.informatik. uni-mannheim.de/people/lucks/HashCollisions/
5. Dobbertin, H.: Cryptanalysis of MD5 compress. In: Eyrocrypt 1996 (1996)
6. Dobbertin. H.: The Status of MD5 After a Recent Attack. In: CryptoBytes The technical newsletter of RSA Laboratories, a division of RSA Data Security, Inc., SUMMER 1996. vol. 2(2) (1996)
7. Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S., Leach, P., Luotonen, A., Stewart, L.: HTTP Authentication: Basic and Digest Access Authentication, RFC 2617, June 1999(1999), http://www.ietf.org/rfc/rfc2617.txt
8. Gebhardt, M., lilies, G., Schindler, W.: A note on the practical value of single hash collisions for special file formats. In: Dittmann, J. (ed.) Sicherheit, GI. LNI, vol. 77, pp. 333-344 (2006)
9. Klima, V.: Tunnels in Hash Functions: MD5 Collisions Within a Minute. Cryptology ePrint Archive, Report, /105. (2006), http://eprint.iacr.org/2006/ 105.pdf
10. Lenstra, A.K., de Weger, B.: On the possibility of constructing meaningful hash collisions for public keys. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 267-279. Springer. Heidelberg (2005)
11. Leurent, G.: Message Freedom in MD4 and MD5 Collisions: Application to APOP. In: Biryukov. A. (ed.) FSE 2007. LNCS. vol. 4593, pp. 309-328. Springer, Heidelberg (2007)
12. Liang, J., Lai, X.: Improved Collision Attack on Hash Function MD5. Journal of Computer Science and Technology 22(1), 79-87 (2007)
13. Rivest, R.L.: The MD5 Message Digest Algorithm. RFC 1321 (April, 1992), http://www.ietf.org/rfc/rfc1321.txt
14. Myers, J., Rose, M.: Post Office Protocol - Version 3. RFC 1939 (Standard), May 1996. Updated by RFCs 1957, 2449, http://www.ietf.org/rfc/ rfc1939.txt
15. Preneel, B., van Oorschot, P.C.: On the Security of Two MAC Algorithms. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 19-32. Springer, Heidelberg (1996)
16. Rosenberg, J., Schulzrinne, H., Oamarillo. G., Johnston, A., Peterson, J., Sparks, R., Handley, M., Schooler, E.: SIP: Session Initiation Protocol, RFC 3261, June 2002 (2002), http://www.ietf.org/rfc/rfc3261.txt
17. Sasaki, Y., Naito, Y., Kunihiro, N., Ohta, K.: Improved, collision attack on MD5. Cryptology ePrint Archive. Report 2005/400. http://eprint.iacr.org/ 2005/400
18. Sasaki, Y.. Naito, Y., Kunihiro, N., Ohta, K.: Improved Collision Attacks on MD4 and MD5. IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences (Japan), E90-A(1), 36-47 (2007) (The initial result was announced as [17])
19. Sasaki, Y., Yamamoto, G., Aoki, K.: Practical Password Recovery on an MD5 Challenge and Response. Cryptology ePrint Archive, Report 2007/101
20. Stevens, M., Lenstra, A., der Weger. B.: Chosen-prefix Collisions for MD5 and Colliding X.509 Certificates for Different Identities. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 1-12. Springer, Heidelberg (2007)
21. Wang, X., Yu, H.: How to Break MD5 and Other Hash Functions. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19-35. Springer, Heidelberg (2005)