Cryptology ePrint Archive: Report 2005/400

Improved Collision Attack on MD5

Yu Sasaki and Yusuke Naito and Noboru Kunihiro and Kazuo Ohta

Abstract: In EUROCRYPT2005, a collision attack on MD5 was proposed by Wang et al. In this attack, conditions which are sufficient to generate collisions (called ``sufficient condition") are introduced. This attack raises the success probability by modifing messages to satisfy these conditions. In this attack, 37 conditions cannot be satisfied even messages are modified. Therefore, the complexity is $2^{37}$. After that, Klima improved this result. Since 33 conditions cannot be satisfied in his method, the complexity is $2^{33}$. In this paper, we propose new message modification techniques which are more efficient than attacks proposed so far. In this method, 29 conditions cannot be satisfied. However, this method is probabilistic, and the probability that this method work correctly is roughly 1/2. Therefore, the complexity of this attack is $2^{30}$. Furthermore, we propose a more efficient collision search algorithm than that of Wang et al. By using this algorithm, the total complexity is reduced into roughly 5/8.

Category / Keywords: secret-key cryptography / MD5, collision attack, message modification, sufficient condition

Date: received 7 Nov 2005

Contact author: yu339 at ice uec ac jp

Available format(s): PDF | BibTeX Citation

Version: 20051114:213854 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]