Differential Cryptanalysis Mod 2^32 with Applications to MD5

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 658)

Abstract

We introduce the idea of differential cryptanalysis mod 2^32 and apply it to the MD5 message digest algorithm. We derive a theory for differential cryptanalysis of the circular shift function. We demonstrate high-probability differentials which leave the message digest register unchanged for each of MD5’s four rounds, and explain how more such differentials may be calculated.

Keywords

Output Difference; Differential Analysis; Message Block; Differential Cryptanalysis; Circular Shift
These keywords were added by machine and not by the authors.

Copyright information

© Springer-Verlag Berlin Heidelberg 1993

Authors and Affiliations

  1. Anagram Laboratories, Palo Alto, USA
