[Cfrg] target collisions and colliding certificates with different identities
"Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl> Mon, 23 October 2006 21:58 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gc7oZ-0006a1-FA; Mon, 23 Oct 2006 17:58:35 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gc7oY-0006Zu-Fg for cfrg@ietf.org; Mon, 23 Oct 2006 17:58:34 -0400
Received: from mailhost.tue.nl ([131.155.2.19]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gc7oW-0007OC-5x for cfrg@ietf.org; Mon, 23 Oct 2006 17:58:34 -0400
Received: from localhost (localhost [127.0.0.1]) by mailhost.tue.nl (Postfix) with ESMTP id 49CBD5C03C; Mon, 23 Oct 2006 23:58:23 +0200 (CEST)
X-Virus-Scanned: amavisd-new at tue.nl
Received: from mailhost.tue.nl ([131.155.2.19]) by localhost (pastinakel.tue.nl [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QaaKMHg08422; Mon, 23 Oct 2006 23:58:22 +0200 (CEST)
Received: from EXCHANGE3.campus.tue.nl (xserver3.campus.tue.nl [131.155.6.6]) by mailhost.tue.nl (Postfix) with ESMTP id B2EB95C01D; Mon, 23 Oct 2006 23:58:22 +0200 (CEST)
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Mon, 23 Oct 2006 23:58:21 +0200
Message-ID: <DFA3206A564B80499B87B89B49BCD3135DC17A@EXCHANGE3.campus.tue.nl>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: target collisions and colliding certificates with different identities
Thread-Index: Acb27loR6fjiK13LQz+WL5ZsPVQBLw==
From: "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl>
To: cryptography@metzdowd.com, cfrg@ietf.org, hash-forum@nist.gov
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 7d33c50f3756db14428398e2bdedd581
Cc:
Subject: [Cfrg] target collisions and colliding certificates with different identities
X-BeenThere: cfrg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:cfrg@ietf.org>
List-Help: <mailto:cfrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@ietf.org?subject=subscribe>
Errors-To: cfrg-bounces@ietf.org
Hi all, We announce: - an example of a target collision for MD5; this means: for two chosen messages m1 and m2 we have constructed appendages b1 and b2 to make the messages collide under MD5, i.e. MD5(m1||b1) = MD5(m2||b2); said differently: we can cause an MD5 collision for any pair of distinct IHVs; - an example of a pair of valid, unsuspicious X.509 certificates with distinct Distinguished Name fields, but identical CA signatures; this example makes use of the target collision. See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/, where the certificates and a more detailed announcement can be found. Marc Stevens Arjen Lenstra Benne de Weger _______________________________________________ Cfrg mailing list Cfrg@ietf.org https://www1.ietf.org/mailman/listinfo/cfrg
- [Cfrg] target collisions and colliding certificat… Weger, B.M.M. de