6 research outputs found
Chosen-Prefix Collisions for MD5 and Applications
We present a novel, automated way to find differential paths for MD5.
Its main application is in the construction of \emph{chosen-prefix collisions}.
We have shown how, at an approximate expected cost of
calls to the MD5 compression function, for any two chosen message
prefixes and , suffixes and can be constructed such that
the concatenated values and collide under MD5.
The practical attack potential of this construction
of chosen-prefix collisions is of greater concern
than the MD5-collisions that were published before. This is illustrated by
a pair of MD5-based X.509 certificates one of which was signed by a
commercial Certification Authority (CA) as a legitimate website certificate,
while the other one is a certificate for a rogue CA that is entirely
under our control (cf.\ \url{http://www.win.tue.nl/hashclash/rogue-ca/}).
Other examples, such as MD5-colliding executables, are presented as well.
More details can be found on
\url{http://www.win.tue.nl/hashclash/ChosenPrefixCollisions/}
Distributed object store principles of operation
Abstract In this paper we look at the growth of distributed object stores (DOS) and examine the underlying mechanisms that guide their use and development. Our focus is on the fundamental principles of operation that define this class of system, how it has evolved, and where it is heading as new markets expand beyond the use originally presented. We conclude by speculating about how object stores as a class must evolve to meet the more demanding requirements of future applications
Chosen-prefix collisions for MD5 and applications
We present a novel, automated way to find differential paths for MD5. Its main application is in the construction of chosen-prefix collisions. We have shown how, at an approximate expected cost of 239 calls to the MD5 compression function, for any two chosen message prefixes P and P', suffixes S and S' can be constructed such that the concatenated values P||S and P'||S' collide under MD5. The practical attack potential of this construction of chosen-prefix collisions is of greater concern than the MD5-collisions that were published before. This is illustrated by a pair of MD5-based X.509 certificates one of which was signed by a commercial Certification Authority (CA) as a legitimate website certificate, while the other one is a certificate for a rogue CA that is entirely under our control (cf. http://www.win.tue.nl/hashclash/rogue-ca/). Other examples, such as MD5-colliding executables, are presented as well. More details can be found on http://www.win.tue.nl/hashclash/ChosenPrefixCollisions/