資源簡介
原來我總是很自信地以為:你有本事找到 MD5 的碰撞又如何?你難道還有本事讓兩個可執(zhí)行文件的 MD5 一樣,卻又都能正常運行,并且可以做完全不同的事情么?
答:還真的可以.
http://www.win.tue.nl/hashclash/ ... World-colliding.exe
http://www.win.tue.nl/hashclash/ ... World-colliding.exe
這兩個程序會在屏幕上打印出不同的字符,但是它們的 MD5 都是一樣的。
通讀其論文后摘要如下:
這幾位密碼學家使用的是“構造前綴碰撞法”(chosen-prefix collisions)來進行此次攻擊(是王小云所使用的攻擊方法的改進版本)。
他們所使用的計算機是一臺 Sony PS3,且僅用了不到兩天。
他們的結論:MD5 算法不應再被用于任何軟件完整性檢查或代碼簽名的用途。
另:現(xiàn)在,如果僅僅是想要生成 MD5 相同而內(nèi)容不同的文件的話,在任何主流配置的電腦上用幾秒鐘就可以完成了。
代碼片段和文件信息
/*
MD5?collision?generator
=======================
Source?code?files:
??block0.cpp
??block1.cpp
??main.cpp
??main.hpp
??md5.cpp
??block1wang.cpp
??block1stevens00.cpp
??block1stevens01.cpp
??block1stevens10.cpp
??block1stevens11.cpp
Win32?executable:
??fastcoll_v1.0.0.5.exe
Version
=======
version?1.0.0.5?April?2006.
Copyright
=========
?M.?Stevens?2006.?All?rights?reserved.
Disclaimer
==========
This?software?is?provided?as?is.?Use?is?at?the?user‘s?risk.
No?guarantee?whatsoever?is?given?on?how?it?may?function?or?malfunction.
Support?cannot?be?expected.
This?software?is?meant?for?scientific?and?educational?purposes?only.
It?is?forbidden?to?use?it?for?other?than?scientific?or?educational?purposes.
In?particular?commercial?and?malicious?use?is?not?allowed.
Further?distribution?of?this?software?by?whatever?means?is?not?allowed
without?our?consent.
This?includes?publication?of?source?code?or?executables?in?printed?form
on?websites?newsgroups?CD-ROM‘s?etc.
Changing?the?(source)?code?without?our?consent?is?not?allowed.
In?all?versions?of?the?source?code?this?disclaimer?the?copyright
notice?and?the?version?number?should?be?present.
*/
#include?
#include?
#include?“main.hpp“
uint32?seed32_1?seed32_2;
void?find_block0(uint32?block[]?const?uint32?IV[])
{
uint32?Q[68]?=?{?IV[0]?IV[3]?IV[2]?IV[1]?};
std::vector?q4mask(1<<4);
for?(unsigned?k?=?0;?k? q4mask[k]?=?((k<<2)?^?(k<<26))?&?0x38000004;
std::vector?q9q10mask(1<<3);
for?(unsigned?k?=?0;?k? q9q10mask[k]?=?((k<<13)?^?(k<<4))?&?0x2060;
std::vector?q9mask(1<<16);
for?(unsigned?k?=?0;?k? q9mask[k]?=?((k<<1)?^?(k<<2)?^?(k<<5)?^?(k<<7)?^?(k<<8)?^?(k<<10)?^?(k<<11)?^?(k<<13))?&?0x0eb94f16;
while?(true)
{
Q[Qoff?+?1]?=?xrng64();
Q[Qoff?+?3]?=?(xrng64()?&?0xfe87bc3f)?|?0x017841c0;
Q[Qoff?+?4]?=?(xrng64()?&?0x44000033)?|?0x000002c0?|?(Q[Qoff?+?3]?&?0x0287bc00);
Q[Qoff?+?5]?=?0x41ffffc8?|?(Q[Qoff?+?4]?&?0x04000033);
Q[Qoff?+?6]?=?0xb84b82d6;
Q[Qoff?+?7]?=?(xrng64()?&?0x68000084)?|?0x02401b43;
Q[Qoff?+?8]?=?(xrng64()?&?0x2b8f6e04)?|?0x005090d3?|?(~Q[Qoff?+?7]?&?0x40000000);
Q[Qoff?+?9]?=?0x20040068?|?(Q[Qoff?+?8]?&?0x00020000)?|?(~Q[Qoff?+?8]?&?0x40000000);
Q[Qoff?+?10]?=?(xrng64()?&?0x40000000)?|?0x1040b089;
Q[Qoff?+?11]?=?(xrng64()?&?0x10408008)?|?0x0fbb7f16?|?(~Q[Qoff?+?10]?&?0x40000000);
Q[Qoff?+?12]?=?(xrng64()?&?0x1ed9df7f)?|?0x00022080?|?(~Q[Qoff?+?11]?&?0x40200000);
Q[Qoff?+?13]?=?(xrng64()?&?0x5efb4f77)?|?0x20049008;
Q[Qoff?+?14]?=?(xrng64()?&?0x1fff5f77)?|?0x0000a088?|?(~Q[Qoff?+?13]?&?0x40000000);
Q[Qoff?+?15]?=?(xrng64()?&?0x5efe7ff7)?|?0x80008000?|?(~Q[Qoff?+?14]?&?0x00010000);
Q[Qoff?+?16]?=?(xrng64()?&?0x1ffdffff)?|?0xa0000000?|?(~Q[Qoff?+?15]?&?0x40020000);
MD5_REVERSE_STEP(0?0xd76aa478?7);
MD5_REVERSE_STEP(6?0xa8304613?17);
MD5 ?屬性????????????大小?????日期????時間???名稱
-----------?---------??----------?-----??----
?????文件???????11877??2006-04-28?16:16??block0.cpp
?????文件????????2512??2006-04-28?16:16??block1.cpp
?????文件????????9813??2006-04-28?16:16??block1stevens00.cpp
?????文件????????9716??2006-04-28?16:16??block1stevens01.cpp
?????文件????????9846??2006-04-28?16:16??block1stevens10.cpp
?????文件????????9898??2006-04-28?16:16??block1stevens11.cpp
?????文件???????10316??2006-04-28?16:16??block1wang.cpp
?????文件???????11037??2006-04-28?16:15??main.cpp
?????文件????????2634??2006-04-28?16:16??main.hpp
?????文件????????4818??2006-04-28?16:16??md5.cpp
- 上一篇:ini文件讀取源代碼
- 下一篇:c++基礎封裝線程、鎖、定時器、原子操作等
評論
共有 條評論
川公網(wǎng)安備 51152502000135號