The MD4 Message Digest Algorithm
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Collisions for the compression function of MD5
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
On the Security of Reduced Versions of 3-Pass HAVAL
ACISP '02 Proceedings of the 7th Australian Conference on Information Security and Privacy
HAS-V: A New Hash Function with Variable Output Length
SAC '00 Proceedings of the 7th Annual International Workshop on Selected Areas in Cryptography
MDx-MAC and Building Fast MACs from Hash Functions
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
The State of Cryptographic Hash Functions
Lectures on Data Security, Modern Cryptology in Theory and Practice, Summer School, Aarhus, Denmark, July 1998
Cryptographic Primitives for Information Authentication - State of the Art
State of the Art in Applied Cryptography, Course on Computer Security and Industrial Cryptography - Revised Lectures
The RIPEMD and RIPEMD Improved Variants of MD4 Are Not Collision Free
FSE '01 Revised Papers from the 8th International Workshop on Fast Software Encryption
ASIC-hardware-focused comparison for hash functions MD5, RIPEMD-160, and SHS
Integration, the VLSI Journal - Special issue: Embedded cryptographic hardware
Fast Software Encryption
Classification of Hash Functions Suitable for Real-Life Systems
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Preimage attacks on step-reduced RIPEMD-128 and RIPEMD-160
Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology
Finding good differential patterns for attacks on SHA-1
WCC'05 Proceedings of the 2005 international conference on Coding and Cryptography
A new dedicated 256-bit hash function: FORK-256
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Improved preimage attack on one-block MD4
Journal of Systems and Software
Modifications of SHA-0 to prevent attacks
ICISS'05 Proceedings of the First international conference on Information Systems Security
| Hi-index | 0.00 |
In [Rive90] the MD4 message digest algorithm was introduced taking an input message of arbitrary length and producing an output 128-bit message digest. It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or to produce any message having a given prespecified target message. In this paper it is shown that if the three round MD4 algorithm is stripped of its first round, it is possible to find for a given (initial) input value two different messages hashing to the same output. A computer program implementing this attack takes about 1 millisecond on a 16 Mhz IBM PS/2 to find such a collision.