1 Collisions for MD5 MD5 is the hash function designed by Ron Rivest  as a strengthened version of MD4. In 1993 Bert den Boer and Antoon Bosselaers  found pseudo-collision for MD5 which is made of the same message with two different sets of initial value. H. Dobbertin found another kind of collision which consists of two different 512-bit… (More)
MD4 is a hash function developed by Rivest in 1990. It serves as the basis for most of the dedicated hash functions such as MD5, SHAx, RIPEMD, and HAVAL. In 1996, Dobbertin showed how to find collisions of MD4 with complexity equivalent to 2 20 MD4 hash computations. In this paper, we present a new attack on MD4 which can find a collision with probability 2… (More)
This paper considers the security of iterated block ciphers against the diierential crypt-analysis introduced by Biham and Shamir. Diierential cryptanalysis is a chosen-plaintext attack on secret-key block ciphers that are based on iterating a cryptographically weak function r times e.g., the 16-round Data Encryption Standard DES. It is shown that the… (More)
Secret-key block ciphers are the subject of this work. The design and security of block ciphers, together with their application in hashing techniques, are considered.
A new secret-key block cipher is proposed as a candidate for a new encryption standard. In the proposed cipher, the plaintext and the ciphertext are 64 bit blocks, while the secret key is 128 bit long. The cipher is based on the design concept of mixing operations from diierent algebraic groups". The cipher structure was chosen to provide confusion and… (More)
Iterated hash functions based on block ciphers are treated. Five attacks on an iterated hash function and on its round function are formulated. The wisdom of strengthening such hash functions by constraining the last block of the message to be hashed is stressed. Schemes for constructing m-bit and 2m-bit hash round functions from m-bit block ciphers are… (More)
In this paper, we formalize an attack scheme using the key-dependent property, called key-dependent attack. In this attack, the intermediate value, whose distribution is key-dependent, is considered. The attack determines whether a key is right by conducting statistical hypothesis test of the intermediate value. The time and data complexity of the… (More)