Computer Science ›› 2017, Vol. 44 ›› Issue (9): 168-171. doi: 10.11896/j.issn.1002-137X.2017.09.032

• Information Security •

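Improved Meaningful Collision Attack on MD4

ZHOU Yong-peng (周永鹏), WANG Gao-li (王高丽)

  1. School of Computer Science and Technology, Donghua University, Shanghai 201620; School of Computer Science and Software Engineering, East China Normal University, Shanghai 200062
  • Online: 2018-11-13 Published: 2018-11-13
  • Supported by:
    This work was supported by the National Natural Science Foundation of China (61572125, 61373142) and the Shanghai "Science and Technology Innovation Action Plan" High-Tech Field Project (16511101400)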

Abstract: At FSE 1996, Hans Dobbertin gave a meaningful collision on MD4 based on ASCII encoding, in which the first 20 characters are random, so the text begins with meaningless words. In 2009, Jia and Wang presented a meaningful collision on MD4 based on the Latin-1 character set, which contains meaningless words at the end of the text. In this paper, based on the modular differential method proposed by Wang and using the differential characteristic (collision path) given by Yu et al. at CANS 2005, we give two concrete meaningful MD4 collisions: one is in Chinese and based on GBK encoding, and the other is in English and based on UTF-8 encoding. We also give an example of a tampered Python script.

Key words: MD4 algorithm, Modular differential cryptanalysis, Meaningful collision, GBK, UTF-8

[1] RIVEST R L.The MD4 message-digest algorithm[C]∥CRYPTO 1990.LNCS,1990:303-312.
[2] BOER B D,BOSSELAERS A.An attack on the last two rounds of MD4[C]∥CRYPTO 1991.LNCS 576,1991:194-203.
[3] VAUDENAY S.On the need for multipermutations:Cryptanalysis of MD4 and SAFER[C]∥FSE 1995.LNCS 1008,1995:286-297.
[4] DOBBERTIN H.Cryptanalysis of MD4[J].Journal of Cryptology,1998,11(4):253-271.
[5] WANG X,FENG D,LAI X,et al.Collisions for hash functions MD4,MD5,HAVAL-128 and RIPEMD.http://eprint.iacr.org/2004/199.pdf.
[6] WANG X,YU H.How to break MD5 and other hash functions[C]∥EUROCRYPT 2005,LNCS.2005:19-35.
[7] WANG X,YIN Y L,YU H.Finding Collisions in the Full SHA-1[C]∥International Cryptology Conference on Advances in Cryptology-CRYPTO.Springer-Verlag,2005:17-36.
[8] YU H B,WANG G L,ZHANG G Y,et al.The Second-Preimage Attack on MD4[C]∥CANS 2005.LNCS 3810,2005:1-12.
[9] JIA K,WANG X.Meaningful Collision Attack on MD4[J].Journal of Frontiers of Computer Science & Technology,2010,3:202-213.
[10] BAI D X.Safety analysis of some block cipher and hash function[D].Beijing:Tsinghua University,2015.(in Chinese)
[11] LANDELLE F,PEYRIN T.Cryptanalysis of Full RIPEMD-128[J].Journal of Cryptology,2015,7881:1-25.
[12] CHENG K,HAN W B.Automatic construction algorithm of MD4 differential path[J].Journal of Information Engineering University,2014,15(2):129-133.(in Chinese)
[13] WANG G L.Collision Attack on the Full Extended MD4 and Pseudo-Preimage Attack on RIPEMD[J].Journal of Computer Science and Technology,2013,28(1):129-143.
[14] LI Q,TANG B,YANG J.Key Technology Research for Content Supervision Based on KAD Network[C]∥International Conference on Multimedia & Image Processing.IEEE Computer Society,2016:72-77.
