International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Paper: Practical Password Recovery on an MD5 Challenge and Response

Authors:
Yu Sasaki
Go Yamamoto
Kazumaro Aoki
Download:
URL: http://eprint.iacr.org/2007/101
Search ePrint
Search Google
Abstract: This paper shows an attack against APOP protocol which is a challenge-and-response protocol. We utilize the Wang's attack to make collisions in MD5, and apply it to APOP protocol. We confirmed that the first 3 octets of secret key can be recovered by several hundred queries under the man-in-the-middle environment.
BibTeX
@misc{eprint-2007-13383,
  title={Practical Password Recovery on an MD5 Challenge and Response},
  booktitle={IACR Eprint archive},
  keywords={cryptographic protocols / APOP, MD5, collision},
  url={http://eprint.iacr.org/2007/101},
  note={ maro@isl.ntt.co.jp 13592 received 20 Mar 2007},
  author={Yu Sasaki and Go Yamamoto and Kazumaro Aoki},
  year=2007
}