Message-Digest Algorithm 4

from Wikipedia, the free encyclopedia
MD4
developer Ronald L. Rivest
Released 1990
Length of the hash value (bit) 128
Round 3
Best known cryptanalysis
Collision attack in 2 MD4 operations
An MD4 operation. MD4 consists of 48 of these operations, grouped in 3 rounds of 16 operations each. F  is a round-dependent non-linear function. M i  denotes a 32-bit block of the input and K i a round-dependent 32-bit constant. addition the addition modulo 2 32 and s denotes the bitwise left rotation by s places, where s varies for each operation.left shift

MD4 ( Message-Digest Algorithm 4 ) is a cryptological hash function published in 1990 by Ronald L. Rivest . It was developed with the aim of running particularly quickly on 32- bit computers and, at the same time, being easy to implement . Of course, the basic requirements for hash functions should be retained. MD4 generates a hash value with a length of 128 bits.

However, it soon became apparent that the procedure was unsafe. The lack of collision safety turned out to be particularly problematic. In Crypto Bytes Journal the company RSA , a method was published, which could produce within an hour two or identical to a character messages, yielded the same hash value. Rivest itself confirmed the uncertainty in RFC 1321 : The MD5 Message-Digest Algorithm , so that even RSA advises against using this Message-Digest. MD4 was licensed as a public domain , which is probably due to the fact that the principle used has become the basis for further hash functions.

MD4 hashes

The 128-bit long MD4 hashes (also known as "message digests") are usually noted as 32-digit hexadecimal numbers. The following example shows a 59 byte long ASCII input and the associated MD4 hash: 

 md4("Franz jagt im komplett verwahrlosten Taxi quer durch Bayern") =
 3270fd28f1b28cd219bb946bd372fc00

A small change in the message will almost certainly produce a completely different hash. With Frank instead of Franz the result is: 

 md4("Frank jagt im komplett verwahrlosten Taxi quer durch Bayern") =
 c95704f5b2928c67a0970a576cebc589

The hash of a zero-length string is: 

 md4("") = 31d6cfe0d16ae931b73c59d7e0c089c0

Example of a collision: 

839c7a4d7a92cb5678a5d5b9eea5a7573c8a74deb366c3dc20a083b69f5d2a3bb3719dc69891e9f95e809fd7e8b23ba6318edd45e51fe39708bf9427e9c3e8b9
839c7a4d7a92cbd678a5d529eea5a7573c8a74deb366c3dc20a083b69f5d2a3bb3719dc69891e9f95e809fd7e8b23ba6318edc45e51fe39708bf9427e9c3e8b9
              ^       ^                                                                              ^

These strings differ in the places marked with '^'. Two hex digits each define one byte of the 64-byte long MD4 input. They both provide the hash value: 

4d7e6a1defa93d2dde05b45d864c429b

See also

Individual evidence

  1. Yu Sasaki, Lei Wang, Kazuo Ohta, Noboru Kunihiro: New Message Difference for MD4 . In: FSE 2007 (=  Lecture Notes in Computer Science . Volume 4593 ). Springer, 2007, p. 329−348 , doi : 10.1007 / 978-3-540-74619-5_21 ( iacr.org [PDF]).

Web links

  • RFC 1320 : The MD4 Message-Digest Algorithm