marc-stevens.nl

Project HashClash - Project HashClash

  • ️Mon Oct 16 2017

About

Project HashClash is a Framework for MD5 & SHA-1 Differential Path Construction and Chosen-Prefix Collisions for MD5. It's goal is to further understanding and study of the weaknesses of MD5 and SHA-1.

News

  • 2017-10-16 Migrated to GitHub: cr-marcstevens/hashclash. Switched to autotools for configuration, certain features have been disabled for now (CUDA & CELL support). For the last repository version with CUDA & CELL support use: cr-marcstevens/hashclash-old-svn-repo)
  • 2015-03-13 Migrated from Google Code to custom SVN repository due to upcoming closure of Google Code
  • 2010-11-08 Added SHA-1 programs:
    • diffpathanalysis_sha1 to analyze disturbance vectors, generate message relations and generate simple upper diff. path for rounds 2,3,4 (requires CUDA to run).
    • diffpathforward_sha1, diffpathbackward_sha1, diffpathconnect_sha1: to construct a diff.path for the first round
    • diffpathcollfind_sha1: Analyze tunnels/boomerangs and generate collision finding program.
    • sha1collfind: Fully working near-collision attack against full SHA-1 with estimated complexity equivalent to 2^57.5 SHA-1 compressions. Just a 'first-attempt', with !58! bitfreedoms left and still unused ideas for speedups. This near-collision attack can directly be followed by a tweaked version of it that has complexity equivalent to approx. 2^61 SHA-1 compressions leading to an identical-prefix collision attack against full SHA-1 with estimated complexity equivalent to approx. 2^61 SHA-1 compressions. To be continued...
  • 2010-10-14 Updated sources and GUI. GUI now features an automatic mode that will start the next step when a step has finished. (Use the latest CUDA drivers if you have an NVIDIA graphics card.)
  • 2010-07-19 Released beta binaries for windows, supporting CUDA with 32bit and 64bit binaries. Now includes a GUI to help create chosen-prefix collisions. See also the Documentation.
  • 2009-07-13 Released rev32 sources and binaries now including diffpathhelper (a multi purpose tool for working on differential paths) and (only in the src package) an example bash-script cpc.sh that automatically performs a chosen-prefix collision attack on any 2 given files.
  • 2009-06-16 Released sources and CUDA enabled windows binaries for the birthday search and for constructing differential paths (diffpathforward, diffpathbackward, diffpathconnect).
  • 2009-06-11 Released birthday search source and executable (CUDA enabled).

Obtain Source Code

Obtain source code using the following subversion command at the command line:

svn checkout https://svn.marc-stevens.nl/p/hashclash/trunk/ hashclash-read-only

See Build Instructions for further directions.

Feedback

We welcome any feedback on new collision attacks, new applications for chosen-prefix collisions and any tweaks and optimizations of the hashclash programs. You can forward your feedback to this e-mail address: marc (at) marc-stevens (dot) nl

Copyright

Copyright (C) 2009-2015 Marc Stevens
http://marc-stevens.nl/research