[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

MD4



> SINCLAIR  DOUGLAS N <[email protected]> wrote:
> > My understanding was that MD4 had been broken once, at the cost of 
> > much computer time.
> 
> Not *that* much computer time...
I stand corrected.  I've not read the original paper.

> As far as I know, the difficulty of inverting MD4 is still an open
> problem -- but why would you want to use a broken algorithm like MD4
> when you can use MD2, MD5, or SHA?
Granted.  A brute force attack on MD4 takes 2^64 times more operations
to invert it than it does to find matching pairs if I remember correctly.
However a clever algorithm would reduce that.

Of course with MD5 as a plug-in replacement that's only 30% slower
this isn't a big problem.  Looks like the safety belts are worth while
after all.