Single block MD5 collision with 2 bytes different.

While talking to a friend about MD5 collisions, I found this interesting tool (fastcoll) and the example of a single-block collision below (with only 2 bytes different):

  • 0E306561559AA787D00BC6F70BBDFE3404CF03659E704F8534C00FFB659C4C87
    40CC942FEB2DA115A3F4155CBB8607497386656D7D1F34A42059D78F5A8DD1EF

  • 0E306561559AA787D00BC6F70BBDFE3404CF03659E744F8534C00FFB659C4C87
    40CC942FEB2DA115A3F415DCBB8607497386656D7D1F34A42059D78F5A8DD1EF

Why a single-block collision? Check out this:
http://csrc.nist.gov/groups/ST/hash/documents/Illies_NIST_05.pdf

My ..sorta understanding of this:

If we have md5(blockA) = md5(blockB), then md5(messageA + blockA + messageB) = md5(messageA + blockB + messageB), as long as the size of messageA is divisible by the MD5 block size (64 bytes).

We then use the difference between blockA and blockB within our logic code, for example: if block[index] == "\x5d" then blah... else blah..., in which blockA[index] is "\x5d" and blockB[index] is something else.

In the PDF version of this attack, the binary is used in Indexed Color Spaces, and the difference between the 2 binaries changes the grey scale of the text (visible or not).
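The identity above, checked on the two blocks quoted at the top of this post, as an added example (not code from the original post). messageA is empty here, so both blocks are hashed from MD5's standard initial state; MESSAGE_B, the helper names and the branch() logic are assumptions made for illustration.

```python
import hashlib

# The two 64-byte blocks quoted in the post.
BLOCK_A = bytes.fromhex(
    "0E306561559AA787D00BC6F70BBDFE3404CF03659E704F8534C00FFB659C4C87"
    "40CC942FEB2DA115A3F4155CBB8607497386656D7D1F34A42059D78F5A8DD1EF")
BLOCK_B = bytes.fromhex(
    "0E306561559AA787D00BC6F70BBDFE3404CF03659E744F8534C00FFB659C4C87"
    "40CC942FEB2DA115A3F415DCBB8607497386656D7D1F34A42059D78F5A8DD1EF")

# Constructed stand-in for messageB; any bytes work as long as both files share them.
MESSAGE_B = b"constructed trailer shared by both files\n"


def differing_offsets(a: bytes, b: bytes) -> list:
    """Byte offsets at which two equal-length buffers differ."""
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]


def branch(data: bytes, index: int) -> str:
    """The post's 'if block[index] == ... else ...' idea (hypothetical logic)."""
    return "path-1" if data[index] == BLOCK_A[index] else "path-2"


def compare(file_a: bytes, file_b: bytes) -> dict:
    """What an MD5-based and a SHA-256-based integrity check each conclude."""
    return {
        "md5_equal": hashlib.md5(file_a).digest() == hashlib.md5(file_b).digest(),
        "sha256_equal": hashlib.sha256(file_a).digest() == hashlib.sha256(file_b).digest(),
    }


if __name__ == "__main__":
    offsets = differing_offsets(BLOCK_A, BLOCK_B)
    print("block length:", len(BLOCK_A), "differing offsets:", offsets)
    print("blocks alone:", compare(BLOCK_A, BLOCK_B))
    # Appending the same messageB keeps the MD5 values equal, because MD5's
    # internal state is already identical after the colliding block.
    file_a, file_b = BLOCK_A + MESSAGE_B, BLOCK_B + MESSAGE_B
    print("with suffix: ", compare(file_a, file_b))
    print("behaviour:   ", branch(file_a, offsets[0]), "vs", branch(file_b, offsets[0]))
```

An integrity or allow-list check keyed on MD5 treats both files as the same object even though they take different branches, while SHA-256 separates them.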

To quickly generate collisions, you can download fastcoll at http://www.win.tue.nl/hashclash/
