The MD5 message-digest algorithm is a widely used hash function producing a 128-bit hash value. MD5 was designed by Ronald Rivest in 1991 to replace an earlier hash function, MD4, and was specified in 1992 as RFC 1321. MD5 can be used as a checksum to verify data integrity against unintentional corruption. Historically it was widely used as a cryptographic hash function; however, it has been found to suffer from extensive vulnerabilities. It remains suitable for other non-cryptographic purposes, for example for determining the partition for a particular key in a partitioned database, and may be preferred due to lower computational requirements than more recent Secure Hash Algorithms.

MD5 is one in a series of message digest algorithms designed by Professor Ronald Rivest of MIT (Rivest, 1992). When analytic work indicated that MD5's predecessor MD4 was likely to be insecure, Rivest designed MD5 in 1991 as a secure replacement. (Hans Dobbertin did indeed later find weaknesses in MD4.) In 1993, Den Boer and Bosselaers gave an early, although limited, result of finding a "pseudo-collision" of the MD5 compression function; that is, two different initialization vectors that produce an identical digest. In 1996, Dobbertin announced a collision of the compression function of MD5 (Dobbertin, 1996). While this was not an attack on the full MD5 hash function, it was close enough for cryptographers to recommend switching to a replacement, such as SHA-1 (also compromised) or RIPEMD-160.

A 2013 attack by Xie Tao, Fanbao Liu, and Dengguo Feng breaks MD5 collision resistance in 2^18 time. This attack runs in less than a second on a regular computer. MD5 is prone to length extension attacks.