Robshaw M.J.B., On Recent Results for MD2, MD4 and MD5, RSA Labs Bulletin, Vol X, No. 4, Nov. 1996.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....out that it is beneficial to treat application of cryptographic techniques and e docs as a whole and this is the main motivation behind the paper. The proposed framework takes into account common principles behind attacks on MD2 and M5, which are almost exclusively based on finding collisions [15]. 2.1. Idealised one way hash functions An ideal strong one way hash function has the following properties: 1. Pre image resistance: for a given y it is computationally infeasible to find such x that f(x) y. 2. Second pre image resistance: for a given x 1 it is computationally infeasible to ....

Robshaw M.J.B., On Recent Results for MD2, MD4 and MD5, RSA Labs Bulletin, Vol X, No. 4, Nov. 1996.

....that the fixed known value of M, which is IV, does not help the attacker. However these generators were designed to avoid excessive reliance on the G function being a perfect pseudorandom permutation. The PRNGs were designed to avoid related key weaknesses in the G function. Published results [16, 4] on the compression function of MD5 and the round functions that are shared between MD5 and SHA1 suggest that this precaution is prudent. Thus one design criteria was to update the generator state, which becomes the varying part of G s K input, in a manner that produces large and irregular Hamming ....

....that supports the hypothesis that the output of these generators is not distinguishable from a truly random sequence. Intuitively, cryptographic strength seems to imply good statistical properties, but it is reassuring to have the results from actual statistical tests. A separate report [16] describes the details of statistical tests that were performed on MD5Random and SHA1Random. They are summarized in this section. The first tests are classics from [10, 2, 3, 6, and 7] The second tests come from the Diehard software [12] which was developed by Professor Marsaglia specifically ....

M.J.B. Robshaw. On Recent Results on MD2, MD4, and MD5. RSA Labs Bulletin 4, Redwood City, California, November 1996. http://www.rsa.com/rsalabs/pubs/updates /bull-4.pdf

....dobbertin skom.rhein.de March 21, 1997 In [1] it was shown that there are very effective attacks leading to collisions for the hash function MD4 designed by R. Rivest [3] A summary of the status of hash functions of the MD4 family with respect to collision resistence can be found in [2] and [4]. However, attacking the one wayness of a hash function is a much more demanding challenge, and in case of success it has much more devastating consequences. No result along this line is known for MD4 and its successors. Therefore it is worth to explore how the recently developed new analytic ....

M.J.B. Robshaw, On recent results for MD2, MD4 and MD5, Bulletin 4, RSA Laboratories, November 1996 (see http://www.rsa.com/PUBS/).

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC