 |
|
|
 Welcome to the Virus.Org Mailing List Archive |
||
 |
||
|
||
|
Jason Holt wrote: Includes one titled "The MD2 Hash Function is Not One-Way". That's the first I've heard about MD2; the other breaks were for md4 and md5. Anyone know details? Actually there was a paper analysing the MD2 algorithms back in 1997: N. Rogier and P Chauvaud, "MD2 is not secure without the Checksum Byte", Design, codes and Cryptography, 12(3):245-251 - an early version was presented at SAC 1995 The abstract of the new paper by Frédéric Muller describing a pre-image attack, more theoretical than practical although very interesting, "MD2 is an early hash function developed by Ron Rivest for RSA Security, that produces message digests of 128 bits. In this paper, we show that MD2 does not reach the ideal security level of 2^128 . We describe preimage attacks against the underlying compression function,the best of which has complexity of 2^73 . As a result, the full MD2 hash can be attacked in preimage with complexity of 2^104" -- Mads Rasmussen Open Communications Security +55 11 3345 2525 http://www.opencs.com.br --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
|
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.