Binary Analysis
more MD5 colliding examples Dec 02 2005 10:55PM
Gerardo Richarte (gera corest com)
hello everybody, last month we presented in a lightning talk at PacSec a
few interesting and somehow new things related to MD5 collisions: 2
different Win32 .EXE files with the same MD5 hash, and 4 different files
(inputs) with the same MD5 hash.

These are direct results of reimplementing the already known attacks on
MD5, specifically abusing the fact that collisions can be generated for
arbitrary IVs.

Today we are releasing some new stuff:

- The 4 colliding files have been increased to 8 files (there is
no real limit in the number of colliding files which can be generated,
this is just an example of what can be done).

- Two new Win32 .EXE files, this time with the same MD5 hash and
also the same CRC32, the same checksum 32 and the same checksum 16.

Of course all this is no big theoretical breakthrough, but it's somehow
interesting to have examples to show to the incredulous.

All the information (the files and presentation explaining how to
regenerate the files) from PacSec is now available at
http://www.corest.com/corelabs/projects/research_topics.php.

have fun!
gera

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus