MD5 • A cryptographic hash code • RFC 1321 • Ron Rivest, 1992 • No collisions • No inverse • Computationally efficient
Previous Hash Codes • 1989 – Rivest, MD2 • RFC 1319 • Semi-broken in 1997 • 1990 – Rivest, MD4 • Collisions discovered in 2004 • 1990 – Snefru, Merkle
Hash Since MD5 • SHA • SHA-0 • NIST RFC • FIPS 180 • NSA withdrew it • SHA-1 • FIPS 180-1 • Semi-broken in 2005 • SHA-2 • FIPS 180-2 • Differing lengths
In the Future • NIST RFC for SHA-3 family of hash codes • Federal Register Nov. 2, 2007 • (V. 72 # 212, pages 62212-62220)
MD5 Specs. • Works on 512 bit blocks of the message • Produces a 128 bit hash code
Message Preparation • Padding • Block subdivision
Padding • The Message is padded to an exact multiple of 512 bit blocks • 1 is appended to message • The remainder (less 64 bits) is filled with as many 0’s as required • The 64 bit representation of the message length is appended
Main MD5 Loop IVs
Main Loop • Each 512-bit message block is used in each of 4 rounds • For each round the block is divided into 16 32-bit sub-blocks • Each round consists of 16 steps (16 * 32 = 512) • Each step is based on a particular operation for each round
A Round Step • Uses 4 32-bit inputs: a, b, c, d • Also uses a 32-bit sub-block of the message block • Generates 4 32-bit outputs for the next round step or the next round
IV: Initialized Chaining Variables • A = 0x01234567 • B = 0x89abcdef • C = 0xfedcba98 • D = 0x76543210
Nonlinear Generating Functions • F(X,Y,Z) = (X^Y) v ((~X) ^ Z) • G(X,Y,Z) = (X^Z) v (Y^(~Z)) • H(X,Y,Z) = X ⊕ Y ⊕ Z • I(X,Y,Z) = Y ⊕ (X v (~Z))
Some constants • M_j is the jth sub-block of the message block • For step i: t_i = 2^32 * abs(sin(i)), where i is measured in radians • s is the number of bits to be shifted: • Round 1: [7, 12, 17, 22] • Round 2: [5, 9, 14, 20] • Round 3: [4, 11, 16, 23] • Round 4: [6, 10, 15, 21]
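The padding, chaining variables, nonlinear functions, t_i constants and shift amounts from the slides, assembled into a working MD5 as an added example (not part of the original slides). Assumptions taken from RFC 1321 rather than the slides: t_i is truncated to an integer, words are little-endian, and the message sub-block order in rounds 2 to 4 follows the RFC's schedule.

```python
import math
import struct

# Shift amounts s for rounds 1-4; each group of four repeats across 16 steps.
SHIFTS = ([7, 12, 17, 22] * 4 + [5, 9, 14, 20] * 4 +
          [4, 11, 16, 23] * 4 + [6, 10, 15, 21] * 4)
# t_i = integer part of 2^32 * abs(sin(i)), i = 1..64 in radians.
T = [int(2**32 * abs(math.sin(i))) & 0xFFFFFFFF for i in range(1, 65)]
# Chaining variables as 32-bit words. Stored little-endian, they give the
# byte sequences 01 23 45 67, 89 ab cd ef, fe dc ba 98, 76 54 32 10.
IV = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476)


def rotl(x, s):
    """Rotate a 32-bit value left by s bits."""
    return ((x << s) | (x >> (32 - s))) & 0xFFFFFFFF


def pad(message: bytes) -> bytes:
    """Append a 1 bit, zeros up to 448 mod 512 bits, then the 64-bit length."""
    padded = message + b"\x80"
    padded += b"\x00" * ((56 - len(padded)) % 64)
    return padded + struct.pack("<Q", (8 * len(message)) & (2**64 - 1))


def md5(message: bytes) -> str:
    state = list(IV)
    data = pad(message)
    for off in range(0, len(data), 64):
        m = struct.unpack("<16I", data[off:off + 64])  # 16 sub-blocks M_j
        a, b, c, d = state
        for i in range(64):
            if i < 16:    # round 1: F
                f, j = (b & c) | (~b & d), i
            elif i < 32:  # round 2: G
                f, j = (b & d) | (c & ~d), (5 * i + 1) % 16
            elif i < 48:  # round 3: H
                f, j = b ^ c ^ d, (3 * i + 5) % 16
            else:         # round 4: I
                f, j = c ^ (b | ~d), (7 * i) % 16
            f = (f + a + T[i] + m[j]) & 0xFFFFFFFF
            a, d, c, b = d, c, b, (b + rotl(f, SHIFTS[i])) & 0xFFFFFFFF
        # Add this block's result into the chaining variables.
        state = [(x + y) & 0xFFFFFFFF for x, y in zip(state, (a, b, c, d))]
    return struct.pack("<4I", *state).hex()
```

A 55-byte message fits in one padded block, while a 56-byte message needs a second block because the 64-bit length field no longer fits.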