Paper 2005/327

On the Security of Encryption Modes of MD4, MD5 and HAVAL

Jongsung Kim, Alex Biryukov, Bart Preneel, and Sangjin Lee

Abstract

MD4 is a cryptographic hash function introduced in 1990 by Rivest. After MD4 was proposed, several hash functions such as MD5, HAVAL, RIPEMD, RIPEMD-160, SHA-1 and SHA-256 were designed based on the MD4 structure. In this paper, we cryptanalyze the compression functions of MD4, MD5 and 4-, 5-pass HAVAL in encryption modes. We exploit the recently proposed related-key rectangle and boomerang techniques to show non-randomness of MD4, MD5 and 4-, 5-pass HAVAL and to distinguish them from a randomly chosen cipher. The attacks are highly practical and have been confirmed by our experiments.

Metadata
Available format(s)
PDF PS
Category
Secret-key cryptography
Publication info
Published elsewhere. A shorten version of the paper will be published in ICICS 2005.
Keywords
hash functions
Contact author(s)
Kim Jongsung @ esat kuleuven be
History
2005-10-14: revised
2005-09-22: received
See all versions
Short URL
https://ia.cr/2005/327
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2005/327,
      author = {Jongsung Kim and Alex Biryukov and Bart Preneel and Sangjin Lee},
      title = {On the Security of Encryption Modes of {MD4}, {MD5} and {HAVAL}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2005/327},
      year = {2005},
      url = {https://eprint.iacr.org/2005/327}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.