Collisions for the compression function of MD5
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Improved Collision Attacks on MD4 and MD5
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Improved collision attack on hash function MD5
Journal of Computer Science and Technology
On the security of two MAC algorithms
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Forgery and partial key-recovery attacks on HMAC and NMAC using hash collisions
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
On the possibility of constructing meaningful hash collisions for public keys
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
A study of the MD5 attacks: insights and improvements
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
How to break MD5 and other hash functions
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Message freedom in MD4 and MD5 collisions: application to APOP
FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
Password recovery attack on authentication protocol MD4(Password||Challenge)
Proceedings of the 2008 ACM symposium on Information, computer and communications security
A New Type of 2-Block Collisions in MD5
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
A Hardware Architecture for Integrated-Security Services
Transactions on Computational Science IV
Bit-Free Collision: Application to APOP Attack
IWSEC '09 Proceedings of the 4th International Workshop on Security: Advances in Information and Computer Security
Second-preimage analysis of reduced SHA-1
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
Collisions of MMO-MD5 and their impact on original MD5
AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
Fast password recovery attack: application to APOP
Journal of Intelligent Manufacturing
Hi-index | 0.00 |
In this paper, we propose an extension of the APOP attack that recovers the first 31 characters of APOP password in practical time, and theoretically recovers 61 characters. We have implemented our attack, and have confirmed that 31 characters can be successfully recovered. Therefore, the security of APOP is completely broken. The core of our new technique is finding collisions for MD5 which are more suitable for the recovery of APOP passwords. These collisions are constructed by employing the collision attack of den Boer and Bosselares and by developing a new technique named "IV Bridge" which is an important step to satisfy the basic requirements of the collision finding phase. We show that the construction of this "IV Bridge" can be done efficiently as well.