Short chosen-prefix collisions for MD5 and the creation of a rogue CA certificate

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 5677 LNCS, Issue , 2009, Pages 55-69

  Stevens, Marc ^a   Sotirov, Alexander ^f   Appelbaum, Jacob ^f   Lenstra, Arjen ^b,c   Molnar, David ^d   Osvik, Dag Arne ^b   De Weger, Benne ^e  

^a CWI   (Netherlands)

^b EPFL   (Switzerland)

^c LUCENT TECHNOLOGIES   (United States)

^d UNIVERSITY OF CALIFORNIA   (United States)

^e EINDHOVEN UNIVERSITY OF TECHNOLOGY   (Netherlands)

^f NONE

Author keywords

Certificate; Collision attack; MD5; PlayStation 3

Indexed keywords

CERTIFICATE; CERTIFICATION AUTHORITIES; COLLISION ATTACK; COMPRESSION FUNCTIONS; END USERS; MD5; PLAYSTATION 3; RSA MODULI; SEARCH SPACES; SERIAL NUMBER;

CRYPTOGRAPHY; TERMINOLOGY;

COMPUTER CRIME;

EID: 70350346082     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-03356-8_4     Document Type: Conference Paper

References (20)

1. den Boer, B., Bosselaers, A.: Collisions for the compression function of MD5. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 293-304. Springer, Heidelberg (1994)
2. Diffie, W.: Personal communication (January 2009)
3. Dobbertin, H.: Cryptanalysis of MD5 Compress (May 1996), http://www-cse.ucsd.edu/~bsy/dobbertin.ps
4. Halevi, S., Krawczyk, H.: Strengthening Digital Signatures via Randomized Hashing. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 41-59. Springer, Heidelberg (2006), http://tools.ietf.org/html/draft-irtf-cfrg-rhash-01
5. Klima, V.: Finding MD5 Collisions on a Notebook PC Using Multi-message Modifications, Cryptology ePrint Archive, Report 2005/102
6. Klima, V.: Tunnels in Hash Functions: MD5 Collisions Within a Minute, Cryptology ePrint Archive, Report 2006/105
7. 52. In: Eurocrypt 2009 Rump session
8. Mendel, F., Rechberger, C., Rijmen, V.: Update on SHA-1. In: Crypto 2007 Rump session
9. van Oorschot, P.C., Wiener, M.J.: Parallel collision search with cryptanalytic applications. Journal of Cryptology 12(1), 1-28 (1999)
10. Rechberger, C.: Unpublished result (2006)
11. Stevens, M.: Fast Collision Attack on MD5, Cryptology ePrint Archive, Report 2006/104
12. Stevens, M.: On collisions for MD5, Master's thesis, TU Eindhoven (June 2007), http://www.win.tue.nl/hashclash/
13. Stevens, M., Lenstra, A., de Weger, B.: Chosen-Prefix Collisions for MD5 and Colliding X.509 Certificates for Different Identities. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 1-22. Springer, Heidelberg (2007)
14. Stevens, M., Lenstra, A., de Weger, B.: Predicting the winner of the 2008 US presidential elections using a Sony PlayStation 3 (2007), http://www.win.tue.nl/hashclash/Nostradamus/
15. Stevens, M., Lenstra, A., de Weger, B.: Chosen-Prefix Collisions for MD5 and Applications (in preparation)
16. Wang, X., Lai, X., Feng, D., Yu, H.: Collisions for hash functions MD4, MD5, HAVAL-128 and RIPEMD. In: Crypto 2004 Rump Session (2004)
17. Wang, X., Yu, H.: How to Break MD5 and Other Hash Functions. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19-35. Springer, Heidelberg (2005)
18. Wang, X., Yin, Y.L., Yu, H.: Finding collisions in the full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17-36. Springer, Heidelberg (2005)
19. Wang, X., Yao, A., Yao, F.: New Collision Search for SHA-1. In: Crypto 2005 Rump session
20. Xie, T., Liu, F., Feng, D.: Could The 1-MSB Input Difference Be The Fastest Collision Attack For MD5?, Cryptology ePrint Archive, Report 2008/391