Paper 2004/356
Practical Attacks on Digital Signatures Using MD5 Message Digest
Ondrej Mikle
Abstract
We use the knowledge of the single MD5 collision published by Wang et al. [1] to show an example of a pair of binary self-extract packages with equal MD5 checksums, whereas resulting extracted contracts have fundamentally different meaning. Secondly, we demonstrate how an attacker could create custom pair of such packages containing files arbitrarily chosen by the attacker with equal MD5 sums where each of the package extracts different file. Once the algorithm for finding MD5 collisions is published, attack could be made even more effective as we explain further. Authors of [1] claim to know such algorithm for any MD5 initialization vector. A real-world scenario of such attack is outlined. Finally, we point out the consequences resulting from such attack for signature schemes based on MD5 message digest on an example using GPG. [1] X. Wang, D. Feng, X. Lai, H. Yu, "Collisions for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD", rump session, CRYPTO 2004, Cryptology ePrint Archive, Report 2004/199, http://eprint.iacr.org/2004/199
Metadata
- Available format(s)
-
PDF
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- collisionhash functionMD5
- Contact author(s)
- Ondrej Mikle @ gmail com
- History
- 2004-12-14: received
- Short URL
- https://ia.cr/2004/356
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2004/356,
author = {Ondrej Mikle},
title = {Practical Attacks on Digital Signatures Using MD5 Message Digest},
howpublished = {Cryptology ePrint Archive, Paper 2004/356},
year = {2004},
note = {\url{https://eprint.iacr.org/2004/356}},
url = {https://eprint.iacr.org/2004/356}
}
