The MD4 Message Digest Algorithm
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
The First Two Rounds of MD4 are Not One-Way
FSE '98 Proceedings of the 5th International Workshop on Fast Software Encryption
An Attack on the Last Two Rounds of MD4
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Formal aspects of mobile code security
Formal aspects of mobile code security
Inversion attacks on secure hash functions using SAT solvers
SAT'07 Proceedings of the 10th international conference on Theory and applications of satisfiability testing
Weaknesses in the HAS-V compression function
ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
VIETCRYPT'06 Proceedings of the First international conference on Cryptology in Vietnam
Preimage and collision attacks on MD2
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
The second-preimage attack on MD4
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
Finding collisions in the full SHA-1
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Cryptanalysis of the hash functions MD4 and RIPEMD
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Second preimages on n-bit hash functions for much less than 2n work
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
New message difference for MD4
FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
Preimage Attacks on Step-Reduced MD5
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Preimages for Reduced SHA-0 and SHA-1
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Preimage Attacks on 3, 4, and 5-Pass HAVAL
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
How to Fill Up Merkle-Damgård Hash Functions
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A Preimage Attack for 52-Step HAS-160
Information Security and Cryptology --- ICISC 2008
Preimage Attack on Hash Function RIPEMD
ISPEC '09 Proceedings of the 5th International Conference on Information Security Practice and Experience
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Finding Preimages in Full MD5 Faster Than Exhaustive Search
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
The State of Hash Functions and the NIST SHA-3 Competition
Information Security and Cryptology
Two Passes of Tiger Are Not One-Way
AFRICACRYPT '09 Proceedings of the 2nd International Conference on Cryptology in Africa: Progress in Cryptology
ACISP '09 Proceedings of the 14th Australasian Conference on Information Security and Privacy
Meet-in-the-Middle Attacks Using Output Truncation in 3-Pass HAVAL
ISC '09 Proceedings of the 12th International Conference on Information Security
Improved preimage attack for 68-step HAS-160
ICISC'09 Proceedings of the 12th international conference on Information security and cryptology
Cryptography for network security: failures, successes and challenges
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
Second-preimage analysis of reduced SHA-1
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
(Second) preimage attacks on step-reduced RIPEMD/RIPEMD-128 with a new local-collision approach
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
MJH: a faster alternative to MDC-2
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
An improved algebraic attack on Hamsi-256
FSE'11 Proceedings of the 18th international conference on Fast software encryption
Meet-in-the-middle preimage attacks on AES hashing modes and an application to whirlpool
FSE'11 Proceedings of the 18th international conference on Fast software encryption
Preimage attacks on step-reduced RIPEMD-128 and RIPEMD-160
Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology
Preimage attacks against PKC98-Hash and HAS-V
ICISC'10 Proceedings of the 13th international conference on Information security and cryptology
Cryptanalysis of the 10-round hash and full compression function of SHAvite-3-512
AFRICACRYPT'10 Proceedings of the Third international conference on Cryptology in Africa
The first 30 years of cryptographic hash functions and the NIST SHA-3 competition
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
Preimage attacks on Full-ARIRANG: analysis of DM-Mode with middle feed-forward
WISA'11 Proceedings of the 12th international conference on Information Security Applications
Boomerang distinguishers on MD4-Family: first practical results on full 5-pass HAVAL
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
Generalized first pre-image tractable random oracle model and signature schemes
ACISP'12 Proceedings of the 17th Australasian conference on Information Security and Privacy
Preimage attacks on step-reduced SM3 hash function
ICISC'11 Proceedings of the 14th international conference on Information Security and Cryptology
(Pseudo) preimage attack on round-reduced grøstl hash function and others
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Converting meet-in-the-middle preimage attack into pseudo collision attack: application to SHA-2
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Provable security of the knudsen-preneel compression functions
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Preimage and pseudo-collision attacks on step-reduced SM3 hash function
Information Processing Letters
| Hi-index | 0.00 |
MD4 is a hash function introduced by Rivest in 1990. It is still used in some contexts, and the most commonly used hash functions (MD5, Sha1, Sha2) are based on the design principles of MD4. MD4 has been extensively studied and very efficient collision attacks are known, but it is still believed to be a one-way function.In this paper we show a partial pseudo-preimage attack on the compression function of MD4, using some ideas from previous cryptanalysis of MD4. We can choose 64 bits of the output for the cost of 232compression function computations (the remaining bits are randomly chosen by the preimage algorithm).This gives a preimage attack on the compression function of MD4 with complexity 296, and we extend it to an attack on the full MD4 with complexity 2102. As far as we know this is the first preimage attack on a member of the MD4 family.