Cryptology ePrint Archive: Report 2004/264

Musings on the Wang et al. MD5 Collision

Philip Hawkes and Michael Paddon and Gregory G. Rose

Abstract: Wang et al. caused great excitement at CRYPTO2004 when they announced a collision for MD5~\cite{R92_MD5}. This paper is examines the internal differences and conditions required for the attack to be successful. There are a large number of conditions that must be satisfied, thus indicating Wang at al. have found a clever way to generate message pairs for which the conditions are satisfied. The large number of conditions suggests that an attacker cannot use these differentials to cause second pre-image attacks with complexity less than generic attacks. Initial examination also suggests that an attacker cannot cause such collisions for HMAC-MD5 with complexity less than generic attacks.

Category / Keywords: secret-key cryptography / hash functions, cryptanalysis

Date: received 13 Oct 2004

Contact author: phawkes at qualcomm com

Available format(s): PDF | BibTeX Citation

Note: Disclaimer: This document notes some observations of the authors regarding the collisions generated by Wang et al.. We do not claim to have any new discoveries in this paper. However, we hope that this paper provides a useful explanation until the time when Wang et al. publish a detailed analysis of their discoveries.

Version: 20041014:104208 (All versions of this report)

Short URL: ia.cr/2004/264