target collisions and colliding certificates with different identities
Weger, B.M.M. de
b.m.m.d.weger at TUE.nl
Mon Oct 23 17:58:21 EDT 2006
Hi all,
We announce:
- an example of a target collision for MD5; this means:
for two chosen messages m1 and m2 we have constructed
appendages b1 and b2 to make the messages collide
under MD5, i.e. MD5(m1||b1) = MD5(m2||b2);
said differently: we can cause an MD5 collision for
any pair of distinct IHVs;
- an example of a pair of valid, unsuspicious X.509
certificates with distinct Distinguished Name fields,
but identical CA signatures; this example makes use
of the target collision.
See http://www.win.tue.nl/hashclash/TargetCollidingCertificates/,
where the certificates and a more detailed announcement
can be found.
Marc Stevens
Arjen Lenstra
Benne de Weger
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list