Collisions for the compression function of MD5
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
On the security of two MAC algorithms
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Forgery and partial key-recovery attacks on HMAC and NMAC using hash collisions
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
On the possibility of constructing meaningful hash collisions for public keys
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
The second-preimage attack on MD4
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
Collision-Resistant usage of MD5 and SHA-1 via message preprocessing
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
A study of the MD5 attacks: insights and improvements
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Proceedings of the 25th annual international conference on Advances in Cryptology
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Efficient collision search attacks on SHA-0
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Finding collisions in the full SHA-1
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Cryptanalysis of the hash functions MD4 and RIPEMD
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
How to break MD5 and other hash functions
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
On the security of HMAC and NMAC based on HAVAL, MD4, MD5, SHA-0 and SHA-1 (extended abstract)
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
Improved collision attack on MD4 with probability almost 1
ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology
Hi-index | 0.00 |
Hash functions are used in many cryptographic constructions under various assumptions, and the practical impact of collision attacks is often unclear. In this paper, we show how collisions can be used to recover part of the password used in the APOP authentication protocol. Since we actually need a little more than mere collisions, we look into the details of MD5 collisions. In Wang's attack, message modifications allow to deterministically satisfy certain sufficient conditions to find collisions efficiently. Unfortunately, message modifications significantly change the messages and one has little control over the colliding blocks. In this paper, we show how to choose small parts of the colliding messages, which will allow to build the APOP attack. This shows that collision attacks can be used to attack real protocols, which means that finding collisions is a real threat.