NationMaster - Encyclopedia: MD5CRK

In cryptography, MD5CRK was a distributed effort (similar to distributed.net) launched by Jean-Luc Cooke and his company, CertainKey Cryptosystems, to demonstrate that the MD5 message digest algorithm is insecure by finding a collision — two messages that produce the same MD5 hash. The project went live on March 1, 2004. The project ended in August 2004 after a collision for MD5 was discovered using analytical methods.

Pollard's Rho collision search for a single path

A technique called Pollard's rho algorithm (a cycle detection algorithm) was used to try and find a collision for MD5. The algorithm can be described by analogy with a random walk. Using the principle that any function with a finite number of possible outputs placed in a feedback loop will cycle, one can use a relatively small amount of memory to store outputs with particular structures and use them as "markers" to better detect when a marker has been "passed" before. These markers are called distinguished points, the point where two inputs produce the same output is called a collision point. MD5CRK considered any point whose first 32 bits were zeroes to be a distinguished point.

Complexity

The expected time to find a collision is not equal to $2 N$ where $N$ is the number of bits in the digest output. It is in fact , where $K$ is the number of function outputs collected.

For this project, the probability of success after $K$ MD5 computations can be approximated by: .

The expected number of computations required to produce a collision in the 128-bit MD5 message digest function is thus:

To give some perspective to this, using Virginia Tech's System X (http://www.tcf.vt.edu/) with a max performance of 12.25 Teraflops, it would take approximately seconds or about 3 weeks. Or for commodity processors at 2 gigaflops it would take 6,000 machines approximately the same amount of time.

References

Paul C. van Oorschot, Michael J. Wiener: Parallel Collision Search with Application to Hash Functions and Discrete Logarithms. ACM Conference on Computer and Communications Security 1994: pp210–218 Online version (http://www.scs.carleton.ca/~paulv/papers/acmccs94.pdf) (PDF format).

Categories: Cryptographic attacks | Distributed computing

Results from FactBites:

BIGpedia - MD5CRK - Encyclopedia and Dictionary Online (343 words)
	In cryptography, MD5CRK was a distributed effort (similar to distributed.net) launched by Jean-Luc Cooke and his company, CertainKey Cryptosystems, to demonstrate that the MD5 message digest algorithm is insecure by finding a collision — two messages that produce the same MD5 hash.
	These markers are called distinguished points, the point where two inputs produce the same output is called a collision point.
	MD5CRK considered any point whose first 32 bits were zeroes to be a distinguished point.

md5crk: new DC project (http://www.md5crk.com) - Topic Ars OpenForum (6654 words)
	The aim of MD5CRK is to raise awareness in the IT industry that MD5 is not secure for many applications.
	Hopefully this will all be explained better on the md5crk site in the future, but for now, the van Oorschot paper is a good place to start.
	I've updated MD5CRK.com's How will MD5CRK show MD5 is insecure page to include screen captures from windows netscape and IE when I went to www.paypal.com.

More results at FactBites »

COMMENTARY

Share your thoughts, questions and commentary here

Want to know more?
Search encyclopedia, statistics and forums:

Feeds | Contact
The Wikipedia article included on this page is licensed under the GFDL.
Images may be subject to relevant owners' copyright.
All other elements are (c) copyright NationMaster.com 2003-5. All Rights Reserved.
Usage implies agreement with terms.

Complexity GA_googleFillSlot("encyclopedia_square");

See also

References

Complexity