LLXX
May 15th, 2007, 03:03
Let me begin this post by quoting myself:
My prediction seems to be correct 
Frodevitoyem: http://eprint.iacr.org/2006/104.pdf
Poter omgpet: http://eprint.iacr.org/2006/105.pdf
The method of generating the collisions is by "bit tunneling", and looks obscure at first but after a few days of pondering the ephiphany is reached and you'll probably be thinking "why didn't I think of that?" like I am right now... the technique is simply to adjust various bits in the data so that the changes cancel each other, resulting in the same hash. Finding those critical bits is where "tunneling" process is used.
*nix source: http://web.mit.edu/AFS/sipb/project/fastcoll/
win32 source: http://www.win.tue.nl/hashclash/fastcoll_v1.0.0.5_source.zip
win32 binary: http://www.win.tue.nl/hashclash/fastcoll_v1.0.0.5.exe.zip
Attached is an example of two little files with the same MD5 (hash them yourself if you don't believe
)
Quote:
Posted by LLXX @ 09-27-2005, 03:32 AM And a few years ago we all thought it was impossible to generate MD5 collisions within a short amount of time. I predict that within the next few years MD5 will be as secure as CRC32 is today, with the speed of computer hardware increasing at its present rate. What would really be interesting would be arbitary binary data that MD5'd to some 16-byte long ASCII message. However at the moment it is still nearly impossible to reverse MD5. All we can do is generate collisions quickly. |

Frodevitoyem: http://eprint.iacr.org/2006/104.pdf
Poter omgpet: http://eprint.iacr.org/2006/105.pdf
The method of generating the collisions is by "bit tunneling", and looks obscure at first but after a few days of pondering the ephiphany is reached and you'll probably be thinking "why didn't I think of that?" like I am right now... the technique is simply to adjust various bits in the data so that the changes cancel each other, resulting in the same hash. Finding those critical bits is where "tunneling" process is used.
*nix source: http://web.mit.edu/AFS/sipb/project/fastcoll/
win32 source: http://www.win.tue.nl/hashclash/fastcoll_v1.0.0.5_source.zip
win32 binary: http://www.win.tue.nl/hashclash/fastcoll_v1.0.0.5.exe.zip
Attached is an example of two little files with the same MD5 (hash them yourself if you don't believe
