Collisions in Hash Signatures

The MD2 and MD4 hashing functions were developed by Prof Ronald Rivest in 1989 and 1990, respectively. They both produce a 128-bit hash, but have been shown be vulnerable to attack.

A collision occurs when two different inputs produce the same hash signature. The following shows two examples where two different input values produce the same hash signature, where the differences between the two values is defined in bold. In this case the characters produced by the data are non-printing ones, so the data is defined as a hex string (which is converted into a byte array based on the hex values). With this a hex value is used to represent the data, where a 0x is inserted into the data and passed into this Web page:

  • Try “839c7a4d7a92cb5678a5d5b9eea5a7573c8a74deb366c3dc20a083b69f5d2a3bb3719dc69891e9f95e809fd7e8b23ba6318edd45e51fe39708bf9427e9c3e8b9“. Try!, which should give a MD4 hash of: 4d7e6a1defa93d2dde05b45d864c429b Check
  • Try “839c7a4d7a92cbd678a5d529eea5a7573c8a74deb366c3dc20a083b69f5d2a3bb3719dc69891e9f95e809fd7e8b23ba6318edc45e51fe39708bf9427e9c3e8b9“. Try!, which should give a MD4 hash of: 4d7e6a1defa93d2dde05b45d864c429b Check
  • Try “839c7a4d7a92cb5678a5d5b9eea5a7573c8a74deb366c3dc20a083b69f5d2a3bb3719dc69891e9f95e809fd7e8b23ba6318edd45e51fe39740c213f769cfb8a7“. Try!, which should give a MD4 hash of: c6f3b3fe1f4833e0697340fb214fb9ea Check
  • Try “839c7a4d7a92cbd678a5d529eea5a7573c8a74deb366c3dc20a083b69f5d2a3bb3719dc69891e9f95e809fd7e8b23ba6318edc45e51fe39740c213f769cfb8a7“. Try!, which should give a MD4 hash of: c6f3b3fe1f4833e0697340fb214fb9ea Check

I have outlined it in the following presentation:

Source Code

In the following example the Bouncy Castle libraries are used to generate MD2 and MD5:

using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Modes;
using Org.BouncyCastle.Crypto.Engines;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Crypto.Paddings;

public void checkMD(string message, bool hex)
        {

            byte[] data = null;
            byte[] o = null;

            if (message == null) return;

            System.Text.ASCIIEncoding encoding = new System.Text.ASCIIEncoding();

            if (hex == false)
                data = encoding.GetBytes(message);
            else data = StringToByteArray(message);

            Org.BouncyCastle.Crypto.Digests.MD2Digest w4 = new Org.BouncyCastle.Crypto.Digests.MD2Digest();

            w4.Reset(); w4.BlockUpdate(data, 0, data.Length);

            o = new byte[w4.GetDigestSize()];
            w4.DoFinal(o, 0); md2 = Global.ByteToString(o);

            Org.BouncyCastle.Crypto.Digests.MD4Digest w5 = new Org.BouncyCastle.Crypto.Digests.MD4Digest();

            w5.Reset(); w5.BlockUpdate(data, 0, data.Length);

            o = new byte[w5.GetDigestSize()];
            w5.DoFinal(o, 0); md4 = Global.ByteToString(o);

            Org.BouncyCastle.Crypto.Digests.NullDigest w6 = new Org.BouncyCastle.Crypto.Digests.NullDigest();

            w6.Reset(); w6.BlockUpdate(data, 0, data.Length);

            o = new byte[w6.GetDigestSize()];
            w6.DoFinal(o, 0); nullhash = Global.ByteToString(o);        }

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s