MD5 is such a hash function algorithm has a broad application of domestic and miscellaneous, which was once considered to be very safe. But it will not completely MD5 is not repeated, two identical MD5 value appears after at least 16 ^ 32 to traverse from probability, the 32 th but 16 how much? 3402823669209384634633746074317.7 million even if the world's fastest supercomputers have to run several billion years to finish. However, Professor Wang Xiaoyun found, can quickly find the MD5 of the "bump", that is, two files can produce the same "fingerprint." This means that when you apply an electronic signature to sign a contract on the network, and may find other contracts with the same signature but a disparity of content, so the authenticity of the two contracts will be unable to discern. Professor Wang Xiaoyun research results prove the bump using the MD5 algorithm can be a serious threat to information security system, this discovery is now legal effect of electronic signatures and skills system by fight. Therefore, the industry expert Professor Edward Felten of Princeton computer and other strong appeal to designers of information systems quickly replace the signature algorithm, and they need to focus doubt that this is a treatment immediately.
A stone draws thousands of pounding waves, MD5 deciphering a violent reaction password academia. Experts said it was "most substantive progress in research 'code academic years, each competing password science related sites reported this amazing break.
Special MD5 crack site close
MD5 crack site http://www.md5crk.com/ prestige project is to expose collect special attacks against MD5 being established site on August 17, 2004 declared: "Our researchers found a complete bump MD5 algorithm; Wang, Feng, Lai and Yu released MD5, bump MD4, HAVAL-128, RIPEMD- 128 Hash function which is a few research progress in these most substantive password to apply their learning category. skills, within a few hours you can find MD5 bump. ...... because of this landmark discovery, MD5CRK project will be completed within the next 48 hours. "
In this regard, Readyresponse home page dedicated to forwarding the report, several other sites have also been reported.
Maybe talk about the prestige of the site have announced major research report this effect
has been calculated, published in the paper two weeks, nearly 400 websites publish, cited and discussed this effect. Many domestic news websites also to "secure encryption algorithm functions surprising flaws password academic uproar" reported events this password academic title, the audio repeatedly forwarded on each news site.
Professor Wang Xiaoyun MD5 crack the top members of the work is a weak, cautious woman, a thick lens transmission out of the eyes in mathematics Emmanuel. She in 1990 under the tutelage of famous mathematician Professor Pan Chengdong number studying theory with Dr. cryptography professional at Shandong University, under the guidance of Mr. Pan, to show the source, Zhan Tao and many other well-known professor, she successfully number theory knowledge to password science, made a lot of outstanding results, has made 863 projects funded and sponsored by the national Natural Science Foundation of China, and has made a ministerial-level scientific and technological progress awards, writing papers 20 articles. Professor Wang Xiaoyun to discuss HASH function from the late 1990s beginning of the last century, she led the red wave, Wang Meiqin, Sunqiu Mei, Feng Qi and other cryptographic research group composed of professors with the Chinese Academy of Sciences FENG Deng, Shanghai Jiao Tong University to learn Kerry and other well-known scholars close collaboration, sustained over a long time trying to find a key technology to crack HASH function successfully cracked the MD5 HASH and several other functions.
Over the years her work has been the strong support of Shandong University and several school leaders, particularly investment in building information security laboratory. Professor of Shandong University President Zhan Tao Wang Xiaoyun prominent professor attaches great importance to scientific research results. After June 2004, Shandong University Professor Wang Xiaoyun led listened to work reports, President Zhan Tao personally issued invitations to invite domestic well-known information security experts in the "Symposium on Information Security Seminar Shandong University" in July 2004, held in Weihai, the number of college President Professor Liu Asia and in charge of arrangements for the meeting, at which Professor Wang Xiaoyun issued a series of seminars and other effects MD5 algorithm, the experts of the research results gave her plenty of recognition, their perseverance scientific mood is much to applaud. An academician said that the difference in the world is certainly better than the level of her research. The academician of the world after a lapse of one month after the conclusion of the meeting password has been verified, foreign experts such a strong reaction that our job is not only better than to say the difference in the world, and is a crack in terms of function HASH already one step ahead . Canada had earlier declared CertainKey find MD5 algorithm will give the first bump personnel must reward, CertainKey original intention was to use parallel computers to search through bump birthday attack, and the attack Professor Wang Xiaoyun relatively birthday attack requires less computing time.
Due to decipher MD5, triggering a commodity for MD5 is not yet able to use the big debate. On the Massachusetts Institute of Technology Professor Jeffrey I. Schiller in charge of their own forum, many scientists password in the section entitled "Bad day at the hash function factory " in the debate have announced the stereotypes value. General Chairman of the World Congress of the password Jimes Hughes announced the talk said, "I believe it (crack MD5) is true, and if there is a collision, HMAC is no longer safe, and ...... I think we should put aside MD5 a. "Hughes argued that the best programmers started to give MD5. He said: "The disadvantage of this method is now already has been exposed out before launching a useful attack, now is the time to evacuate."
Similarly, the Princeton University professor Edwards Felton's own website, has a similar talk. He said: "What is it we left MD5 has been seriously injured; its application will filter .SHA-1 is still alive, but it will not be long, must be replaced immediately SHA-1, but the choice of what kind? the algorithm, which need to arrive at the password researchers agreed. "
password scientist Markku-Juhani said," this is a HASH function analysis of the scope of an exciting time. "
the famous computer company SUN's LINUX expert Val Henson said:" once we say "SHA-1 capable of centering, another that is not unsafe do not know", so now it can only be summed up: "SHA-1 secure, the other are over."
For statement Hash function algorithm to MD5, represented by Professor Wang Xiaoyun decipher, the National Skills and Specifications Board (NIST) in 2004 August 24 announced a special talk, talk about the main content is: "science in recent world password Conference (Crypto 2004), the researchers announced that they discovered a crack HASH algorithm several ways, during which include MD4, MD5, HAVAL-128, RIPEMD well as SHA-0. analysis indicated, instead of SHA-0 in 1994 to become the Federal information processing standard SHA-1 weakened condition of variants algorithm can be cracked; but intact SHA-1 has not been cracked, the collision of SHA-1 did not find results clarify the SHA-1 security temporarily no problem. but with the development of skills, skills and Bureau plans to gradually standardize screening SHA-1 in 2010 and replaced with other longer and more secure algorithms (such as SHA-224, SHA-256, SHA-384 and SHA-512) instead. "
It is a few scientists use the password is "structural prefix bump Act" (chosen-prefix collisions) to carry out the attack (an improved version of Wang Xiaoyun by the use of attack approach).
They use a computer is a Sony PS3, and in less than two days.
Their conclusion: MD5 algorithm should no longer be used for any software to view or integrity code signing usefulness!
That is not MD5 this useless it? Definitely, a collision can easily for files, but for a limited length or ciphertext for the password, MD5 as a high-performance high-security digital signature algorithm, is still very useful.