Cryptology ePrint Archive: Report 2005/248
Collision-Resistant usage of MD5 and SHA-1 via Message Preprocessing
Michael Szydlo and Yiqun Lisa Yin
Abstract:
A series of recent papers have demonstrated collision attacks on
popularly used hash functions, including the widely deployed MD5
and SHA-1 algorithms. To assess this threat, the natural response
has been to evaluate the extent to which various protocols actually
depend on collision resistance for their security, and potentially
schedule an upgrade to a stronger hash function. Other options
involve altering the protocol in some way. This work suggests
a different option. We present several simple message pre-processing
techniques and show how the techniques can be combined with
MD5 or SHA-1 so that applications are no longer vulnerable
to the known collision attacks. For some applications, this
may be a viable alternative to upgrading the hash function.
Category / Keywords: SHA-1, MD5, padding, hash collision, signature
Publication Info: RSA Conference 2006
Date: received 29 Jul 2005, last revised 18 Oct 2005
Contact author: mszydlo at rsasecurity com
Version: 20051018:174542