New Message Difference for MD4

  • Yu Sasaki
  • Lei Wang
  • Kazuo Ohta
  • Noboru Kunihiro
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4593)


This paper proposes several approaches to improve the collision attack on MD4 proposed by Wang et al. First, we propose a new local collision that is the best for the MD4 collision attack. Selection of a good message difference is the most important step in achieving effective collision attacks. This is the first paper to introduce an improvement to the message difference approach of Wang et al., where we propose a new local collision. Second, we propose a new algorithm for constructing differential paths. While similar algorithms have been proposed, they do not support the new local collision technique.Finally, we complete a collision attack, and show that the complexity is smaller than the previous best work.


Hash Function Collision Attack MD4 Local Collision Message Difference Differential Path 


  1. 1.
    Dobbertin, H.: Cryptanalysis of MD4. In: Gollmann, D. (ed.) Fast Software Encryption. LNCS, vol. 1039, pp. 53–69. Springer, Heidelberg (1996)Google Scholar
  2. 2.
    Dobbertin, H.: The First Two Rounds of MD4 are Not One-Way. In: Vaudenay, S. (ed.) FSE 1998. LNCS, vol. 1372, pp. 284–292. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  3. 3.
    Klima, V.: Tunnels in Hash Functions: MD5 Collisions Within a Minute. Cryptology ePrint Archive, Report (2006)/105Google Scholar
  4. 4.
    Naito, Y., Sasaki, Y., Kunihiro, N., Ohta, K.: Improved Collision Attack on MD4 with Probability Almost 1. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 129–145. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  5. 5.
    Rivest, R.: The MD4 Message Digest Algorithm. In: Menezes, A.J., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 303–311. Springer, Heidelberg (1991), Google Scholar
  6. 6.
    Schläffer, M., Oswald, E.: Searching for Differential Paths in MD4. In: Robshaw, M. (ed.) FSE 2006. LNCS, vol. 4047, pp. 242–261. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  7. 7.
    Wang, X., Feng, D., Chen, H., Lai, X., Yu, X.: Collision for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD. In: Rump Session of CRYPTO 2004 and Cryptology ePrint Archive, Report (2004)/199 (2004)Google Scholar
  8. 8.
    Wang, X., Lai, X., Feng, D., Chen, H., Yu, X.: Cryptanalysis of the Hash Functions MD4 and RIPEMD. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 1–18. Springer, Heidelberg (2005)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Yu Sasaki
    • 1
  • Lei Wang
    • 1
  • Kazuo Ohta
    • 1
  • Noboru Kunihiro
    • 1
  1. 1.The University of Electro-Communications, Chofugaoka 1-5-1, Chofu-shi, Tokyo, 182-8585Japan

Personalised recommendations