MD2 is not Secure Without the Checksum Byte

  • Authors: N. Rogier; Pascal Chauvaud

  • Affiliations: CNET PAA/TSA/SRC, 38-40, rue du Général Leclerc, 92131 Issy Les Moulineaux (France); CNET PAA/TSA/SRC, 38-40, rue du Général Leclerc, 92131 Issy Les Moulineaux (France). E-mail: pascal.chauvaud@issy.cnet.fr

  • Venue: Designs, Codes and Cryptography - Special issue: selected areas in cryptography I
  • Year: 1997

Abstract

In 1989, Ron Rivest introduced the MD2 Message Digest Algorithm, which takes as input a message of arbitrary length and produces as output a 128-bit message digest, by appending some redundancy to the message and then iteratively applying a 32-byte to 16-byte compression function. The MD2 Message Digest Algorithm is one of the most frequently used hashing functions, with MD4, MD5, SHA, SHA-1. Some attacks against MD4 and MD5 have been presented by Dobbertin. Up to now, no attack against MD2 has been presented. This function was updated in 1993 in the RFC 1423 document. It was conjectured that the number of operations needed to get two messages having the same message digest is on the order of 2^64 (using the birthday paradox), and that the complexity of inverting the hash function is on the order of 2^128 operations. No attack against this function has been published so far. In this paper, we propose a low complexity method to find collisions for the compression function of MD2. The ease of finding these collisions could imply that the first conjecture is false if these collisions can be used to make global collisions for MD2.