@inproceedings{fac3834b050f4b8892b1802d3596aa50,
title = "The second-preimage attack on MD4",
abstract = "In Eurocrypt'05, Wang et al. presented new techniques to find collisions of Hash function MD4. The techniques are not only efficient to search for collisions, but also applicable to explore the second-preimage of MD4. About the second-preimage attack, they showed that a random message was a weak message with probability 2-122 and it only needed a one-time MD4 computation to find the second-preimage corresponding to the weak message. A weak message means that there exits a more efficient attack than the brute force attack to find its second-preimage. In this paper, we find another new collision differential path which can be used to find the second-preimage for more weak messages. For any random message, it is a weak message with probability 2 -56, and it can be converted into a weak message by message modification techniques with about 227 MD4 computations. Furthermore, the original message is close to the resulting message (weak message), i.e, the Hamming weight of the difference for two messages is about 44.",
keywords = "Collision differential path, Hash function, Second-preimage, Weak message",
author = "Hongbo Yu and Gaoli Wang and Guoyan Zhang and Xiaoyun Wang",
year = "2005",
doi = "10.1007/11599371\_1",
language = "英语",
isbn = "3540308490",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "1--12",
booktitle = "Cryptology and Network Security - 4th International Conference, CANS 2005, Proceedings",
address = "德国",
note = "4th International Conference on Cryptology and Network Security, CANS 2005 ; Conference date: 14-12-2005 Through 16-12-2005",
}