In the post-collision era, does MD5 still have a reason to exist?

Source: Internet
Author: User

MD5 is a hash function (also called a digest function) whose output is written as 32 hexadecimal digits. It is a cryptographic algorithm with broad and important applications in information security, where it plays a role similar to a fingerprint. In network security protocols, hash functions are used in electronic signatures: a lengthy file to be signed is condensed into a short piece of digital information which, like a fingerprint identifying a person, ensures the validity and security of the original digitally signed file. SHA-1 and MD5 are currently the most commonly used hash functions. After processing by these algorithms, a change of even a single letter in the original message turns the corresponding digest into a completely different "fingerprint", which guarantees the uniqueness of the processed information. This is what makes digital authentication for e-commerce and similar applications possible.

A secure hash function is designed to satisfy two requirements. The first is that finding two inputs that produce the same output value is computationally infeasible; this is what is generally called collision resistance. The second is that finding an input that produces a given output is computationally infeasible, that is, the original input cannot be derived from the result. The main computer security protocols in use today, such as SSL and PGP, use hash functions for signing. Once two files that produce the same digest can be found, signatures can be forged, which brings immeasurable danger to network security.

MD5 is one such hash function algorithm. It has been widely used at home and abroad and was once considered very safe. MD5 values are not, however, guaranteed never to repeat: in terms of probability, after traversing 16^32 inputs at least two identical MD5 values must appear. But how large is 16^32? It is about 3.40282366920938e+38; even the world's fastest supercomputer would need billions of years to run through it. However, Professor Xiao found that MD5 collisions can be found quickly, that is, two files can be made to produce the same "fingerprint." This means that when you sign a contract on the Internet with an electronic signature, there may be another contract with the same signature but very different content, so that the authenticity of the two contracts cannot be distinguished. Professor Xiao's research results show that attacks on the MD5 algorithm can seriously threaten the security of information systems, which calls into question the legal force and the technical basis of electronic signatures as used today. As a result, industry experts such as Princeton computer science professor Edward Felten have strongly urged information system designers to replace their signature algorithms quickly, stressing that this is a problem that needs to be dealt with immediately.
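The 16^32 figure above is the pigeonhole bound; a generic birthday search already needs only about the square root of that. The following added example (not part of the original article) shows the gap on MD5 truncated to a few dozen bits, where the truncation, the `msg-N` inputs and the function names are assumptions chosen so the search finishes in seconds.

```python
import hashlib
import math


def truncated_md5(data: bytes, bits: int) -> int:
    """Return the top `bits` bits of MD5(data) as an integer."""
    digest = int.from_bytes(hashlib.md5(data).digest(), "big")
    return digest >> (128 - bits)


def birthday_collision(bits: int, limit: int = 1 << 24):
    """Find two distinct inputs whose truncated MD5 values match.

    Inputs are the constructed strings b"msg-0", b"msg-1", ... so the
    search is deterministic. Returns (first, second, attempts).
    """
    seen = {}  # truncated digest -> input that produced it
    for i in range(limit):
        msg = b"msg-%d" % i
        tag = truncated_md5(msg, bits)
        if tag in seen:
            return seen[tag], msg, i + 1
        seen[tag] = msg
    raise RuntimeError("no collision within limit")


def expected_birthday_work(bits: int) -> float:
    """Approximate hashes needed before a collision: sqrt(pi/2 * 2^bits)."""
    return math.sqrt(math.pi / 2 * 2 ** bits)


if __name__ == "__main__":
    bits = 32
    a, b, attempts = birthday_collision(bits)
    print(f"{bits}-bit collision: {a!r} / {b!r} after {attempts} hashes")
    print(f"birthday estimate: {expected_birthday_work(bits):,.0f}")
    print(f"pigeonhole bound:  {2 ** bits + 1:,}")
    # Scaled to the full 128-bit output the same estimate is about 2^64:
    # far below the 16^32 = 2^128 traversal, yet still a generic attack
    # that uses no weakness of MD5 itself.
    print(f"full MD5 estimate: 2^{math.log2(expected_birthday_work(128)):.1f}")
```

The two inputs collide only on the truncated value; their full 128-bit MD5 digests still differ.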

A single stone stirs up a thousand waves: the breaking of MD5 drew a strong response from the academic community. Experts called it the "most substantial research progress" in the field of cryptography, and cryptography-related websites raced to report the astonishing break.
Dedicated MD5-cracking website shuts down
The authoritative MD5-cracking project website http://www.md5crk.com/ was set up specifically to collect attacks on MD5. On August 17, 2004 the website announced: "Chinese researchers have found collisions in the full MD5 algorithm; Wang, Feng, Lai and Yu have published collisions for several hash functions: MD5, MD4, HAVAL-128 and RIPEMD-128. This is the most substantial research progress in the field of cryptography in recent years. Using their techniques, MD5 collisions can be found within a few hours. ...... Because of this landmark discovery, the MD5CRK project will end within the next 48 hours." The Readyresponse home page specifically forwarded the report, and several other sites reported on the
.
Authoritative websites publish discussions and reports on this important research result
By one count, within two weeks of the paper's publication nearly 400 websites had published, cited or discussed the result. Many domestic news sites also covered this major event under the headline "Security flaw exposed in cryptographic algorithm function causes uproar in the academic community", and the report was forwarded repeatedly across news sites.

The leading member of the MD5-breaking effort, Professor Xiao, is a slight, reserved woman whose eyes shine with mathematical insight behind thick lenses. In 1990 she began studying number theory and cryptography at Shandong University under the famous mathematician Professor Pan. Under the careful guidance of Dr. Pan, Yu Xiuyuan, Zhan Tao and other famous professors, she successfully applied her theoretical knowledge to cryptography and achieved many outstanding results. She has obtained 863 project funding and National Natural Science Foundation project sponsorship, has won the Ministry of Science and Technology Progress Award, and has written more than 20 papers. Professor Xiao began studying hash functions in the late 1990s. She led a cryptography research group made up of Yu Hongbo, Wang Michen, Sun Qiumei, Feng Yu and others, which cooperated closely with well-known scholars such as Professor Feng of the Chinese Academy of Sciences and Lai Xuejia of Shanghai Jiaotong University. After a long period of persistent effort, they found the key technique for breaking hash functions and successfully broke MD5 and several other hash functions.
Over the years, she has received strong support from the leadership of Shandong University and of several of its colleges, which invested in building an information security laboratory. Professor Xiao of Shandong University attaches great importance to the outstanding scientific research results of Professor Chin-Tao. In June 2004, after the leadership of Shandong University had heard Professor Xiao's report on her work, the university president, Zhan Tao, personally issued invitations to well-known domestic information security experts to take part in an "Information Security Seminar" held in Weihai in July 2004. A number of school deans and mathematics professors organized and chaired the meeting. At the meeting, Professor Xiao presented a series of research results, including those on MD5. The experts fully affirmed her results and praised the scientific spirit of the students. One academician said that the level of her research was certainly not inferior to the international level. The academician's verdict was borne out one month later at the international cryptography conference: the strong reaction of foreign experts shows that our work is not only not inferior to international work but is a step ahead in breaking hash functions. The Canadian company Certainkey had earlier announced that it would give a reward to whoever found the first collision in the MD5 algorithm. Certainkey's original intention was to use parallel computers running a birthday attack to find collisions, whereas the attack of Professor Xiao and her colleagues needs less computation time than a birthday attack.


The breaking of MD5 has set off a major debate over whether MD5 products can still be used. On the personal forum hosted by Professor Jeffrey I. Schiller of MIT, many cryptographers posted valuable opinions under the title "Bad day at the hash function factory". The general chair of the World Cryptography Conference, James Hughes, commented: "I trust this (cracked MD5) is true, and if the collision exists, the HMAC is no longer safe, ... I think we should throw away MD5." Hughes argues that programmers had best start abandoning MD5. "The shortcomings of this algorithm have now been revealed, and it is now time to evacuate before a useful attack starts," he said.
There are similar discussions on the website of Princeton University professor Edward Felten. He said, "What is left to us? MD5 has now been seriously injured; its use will be phased out. SHA-1 is still alive, but not for very long, and SHA-1 must be replaced immediately, but the choice of which algorithm to use requires researchers to reach a consensus."
"This is an exciting time for the field of hash function analysis," said Markku-Juhani, a cryptographer.
And Val Henson, a Linux expert at the famous computer company Sun, said: "We used to say, 'SHA-1 can be trusted; the others are either insecure or unknown.' Now we can only conclude, 'SHA-1 is not safe, and the others are finished.'"
On August 24, 2004, the National Institute of Standards and Technology (NIST) issued a special commentary on the hash function attacks of Professor Xiao and others. Its main content was: "At the recent World Conference on Cryptography (Crypto 2004), researchers announced that they had found a way to break several hash algorithms, including MD4, MD5, HAVAL-128, RIPEMD and SHA-0. The analysis indicates that variants of SHA-1, which replaced SHA-0 as the Federal Information Processing Standard in 1994, could be broken, but the full SHA-1 was not broken and no SHA-1 collision was found. The results show that the security of SHA-1 is not in question for the moment, but as technology develops, NIST plans to phase out SHA-1 before 2010, replacing it with other longer and safer algorithms such as SHA-224, SHA-256, SHA-384 and SHA-512."


This attack used the "chosen-prefix collision" method (Chosen-prefix collisions), an improved version of the attack method used by Xiao.

The computer they used was a Sony PS3, and it took less than two days.

Their verdict: the MD5 algorithm should no longer be used for any software integrity check or code signing!


So is MD5 useless? Not quite. Collisions may be easy to produce for files, but for a password or ciphertext of limited length, MD5 is a very practical, high-performance, secure digital signature algorithm.


Article reprinted from: Http://www.ttmd5.com/article.php?id=12
