可执行文件md5碰撞已经实现


hashclash_logo2

      几位密码学家使用构造前缀碰撞法(chosen-prefix collisions)实现了可验证的执行文件md5碰撞。并发布了相关代码:源代码下载(27KB),执行文件下载(111KB)。
      还记得当时王小云的文章发表时还表示暂时不用担心md5的校验准确性,这么快就被实现了。

相关论文:

Marc Stevens, “Fast Collision Attack on MD5”, March 2006 (pdf, 195 KB).
Published as Cryptology ePrint Archive, Report 2006104.

Marc Stevens, Arjen Lenstra and Benne de Weger, “Target Collisions for MD5 and Colliding X.509 Certificates for Different Identities”, October 2006 (pdf, 340 KB).
Published as Cryptology ePrint Archive, Report 2006360.

Marc Stevens, Arjen Lenstra and Benne de Weger, “Chosen-prefix Collisions for MD5 and Colliding X.509 Certificates for Different Identities”, February 2007 (pdf, 271 KB).
This paper was presented at the EuroCrypt 2007 conference in Barcelona on May 21, 2007, and was selected by the program committee as one of the three “notable papers”.
The paper is published in the proceedings: Moni Naor (ed.), Advances in Cryptology - EUROCRYPT 2007, Springer Lecture Notes in Computer Science Vol. 4515, 2007, pp. 1-22.

An updated version of this paper, including the new ideas and experiments performed since June 2007, is in preparation, and will be submitted to the Journal of Cryptology.

Marc’s MSc thesis “On Collisions for MD5”, June 2007 (pdf, 652 KB)

comments powered by Disqus