Access the full text.
Sign up today, get DeepDyve free for 14 days.
S. Contini, Y. Yin (2006)
Forgery and Partial Key-Recovery Attacks on HMAC and NMAC Using Hash CollisionsIACR Cryptol. ePrint Arch., 2006
Xiaoyun Wang, Hongbo Yu (2005)
How to Break MD5 and Other Hash Functions
Bert Boer, A. Bosselaers (1994)
Collisions for the Compressin Function of MD5
Yu Sasaki, Lei Wang, K. Ohta, N. Kunihiro (2008)
Security of MD5 Challenge and Response: Extension of APOP Password Recovery Attack
Russia. Pop access statistics
Xiaoyun Wang, Y. Yin, Hongbo Yu (2005)
Finding Collisions in the Full SHA-1
Kazuo Ohta, and Noboru Ku- nihiro. Extended APOP Password Recovery At- tack. Presented at the rump session of FSE '07
M. Szydlo, Y. Yin (2006)
Collision-Resistant Usage of MD5 and SHA-1 Via Message PreprocessingIACR Cryptol. ePrint Arch., 2005
Hash Collisions (The Poisoned Message Attack) The Story of Alice and her Boss " . Presented at the rump session of Eurocrypt '05
Vlastimil Klíma (2006)
Tunnels in Hash Functions: MD5 Collisions Within a MinuteIACR Cryptol. ePrint Arch., 2006
Yu Sasaki, G. Yamamoto, Kazumaro Aoki (2007)
Practical Password Recovery on an MD5 Challenge and ResponseIACR Cryptol. ePrint Arch., 2007
Xiaoyun Wang, Xuejia Lai, D. Feng, Hui Chen, Xiu-gui Yu (2005)
Cryptanalysis of the Hash Functions MD4 and RIPEMD
Magnus Daum (2005)
Cryptanalysis of Hash functions of the MD4-family
Xiaoyun Wang, Hongbo Yu, Y. Yin (2005)
Efficient Collision Search Attacks on SHA-0
Yusuke Naito, Yu Sasaki, N. Kunihiro, K. Ohta (2005)
Improved Collision Attack on MD4 with Probability Almost 1
M.M.J. Stevens, A. Lenstra, B. Weger (2006)
Target Collisions for MD5 and Colliding X.509 Certificates for Different IdentitiesIACR Cryptol. ePrint Arch., 2006
Bert Boer, A. Bosselaers (1993)
Collisions for the compression function of MD5Lecture Notes in Computer Science, 765
C. Dwork (2006)
Advances in Cryptology - CRYPTO 2006: 26th Annual International Cryptology Conference, Santa Barbara, California, USA, August 20-24, 2006, Proceedings (Lecture Notes in Computer Science)
Comparison of e-mail clients
M. Gebhardt, G. Illies, W. Schindler (2006)
A Note on the Practical Value of Single Hash Collisions for Special File Formats
M. Rose (1988)
Post Office Protocol: Version 3RFC, 1081
Computing statistics
Jongsung Kim, A. Biryukov, B. Preneel, Seokhie Hong (2006)
On the Security of HMAC and NMAC Based on HAVAL, MD4, MD5, SHA-0 and SHA-1 (Extended Abstract)IACR Cryptol. ePrint Arch., 2006
E. Biham, Rafi Chen (2004)
Near-Collisions of SHA-0IACR Cryptol. ePrint Arch., 2004
H. Dobbertin (1996)
Cryptanalysis of MD4Journal of Cryptology, 11
Oxford University Computing Ser- vices. Oucs annual report 2005-2006
Hongbo Yu, Gaoli Wang, Guoyan Zhang, Xiaoyun Wang (2005)
The Second-Preimage Attack on MD4
Barstow Hansen, Gries, Luckham, C. Moler, Pnueli Seegrnuller, J., Stoer Wirth (2000)
Advances in Cryptology
B. Preneel, P. Oorschot (1996)
On the Security of Two MAC Algorithms
J. Black, Martin Cochran, T. Highland (2006)
A Study of the MD5 Attacks: Insights and Improvements
A. Lenstra, B. Weger (2005)
On the Possibility of Constructing Meaningful Hash Collisions for Public Keys
(2007)
Extended APOP Password Recovery Attack
M.M.J. Stevens (2006)
Fast Collision Attack on MD5IACR Cryptol. ePrint Arch., 2006
Vlastimil Klíma (2005)
Finding MD5 Collisions on a Notebook PC Using Multi-message ModificationsIACR Cryptol. ePrint Arch., 2005
Hash functions are used in many cryptographic constructions under various assumptions, and the practical impact of collision attacks is often unclear. In this paper, we show how collisions can be used to recover part of the password used in the APOP authentication protocol. Since we actually need a little more than mere collisions, we look into the details of MD5 collisions. In Wang's attack, message modifications allow to deterministically satisfy certain sufficient conditions to find collisions efficiently. Unfortunately, message modifications significantly change the messages and one has little control over the colliding blocks. In this paper, we show how to choose small parts of the colliding messages, which will allow to build the APOP attack. This shows that collision attacks can be used to attack real protocols, which means that finding collisions is a real threat.
International Journal of Applied Cryptography – Inderscience Publishers
Published: Jan 1, 2008
Read and print from thousands of top scholarly journals.
Already have an account? Log in
Bookmark this article. You can see your Bookmarks on your DeepDyve Library.
To save an article, log in first, or sign up for a DeepDyve account if you don’t already have one.
Copy and paste the desired citation format or use the link below to download a file formatted for EndNote
Access the full text.
Sign up today, get DeepDyve free for 14 days.
All DeepDyve websites use cookies to improve your online experience. They were placed on your computer when you launched this website. You can change your cookie settings through your browser.