Project HashClash
About
Project HashClash is a Framework for MD5 & SHA-1 Differential Path Construction and Chosen-Prefix Collisions for MD5. It's goal is to further understanding and study of the weaknesses of MD5 and SHA-1.News
- 2017-10-16 Migrated to GitHub: cr-marcstevens/hashclash. Switched to autotools for configuration, certain features have been disabled for now (CUDA & CELL support). For the last repository version with CUDA & CELL support use: cr-marcstevens/hashclash-old-svn-repo)
- 2015-03-13 Migrated from Google Code to custom SVN repository due to upcoming closure of Google Code
- 2010-11-08 Added SHA-1 programs:
- diffpathanalysis_sha1 to analyze disturbance vectors, generate message relations and generate simple upper diff. path for rounds 2,3,4 (requires CUDA to run).
- diffpathforward_sha1, diffpathbackward_sha1, diffpathconnect_sha1: to construct a diff.path for the first round
- diffpathcollfind_sha1: Analyze tunnels/boomerangs and generate collision finding program.
- sha1collfind: Fully working near-collision attack against full SHA-1 with estimated complexity equivalent to 2^57.5 SHA-1 compressions. Just a 'first-attempt', with !58! bitfreedoms left and still unused ideas for speedups. This near-collision attack can directly be followed by a tweaked version of it that has complexity equivalent to approx. 2^61 SHA-1 compressions leading to an identical-prefix collision attack against full SHA-1 with estimated complexity equivalent to approx. 2^61 SHA-1 compressions. To be continued...
- 2010-10-14 Updated sources and GUI. GUI now features an automatic mode that will start the next step when a step has finished. (Use the latest CUDA drivers if you have an NVIDIA graphics card.)
- 2010-07-19 Released beta binaries for windows, supporting CUDA with 32bit and 64bit binaries. Now includes a GUI to help create chosen-prefix collisions. See also the Documentation.
- 2009-07-13 Released rev32 sources and binaries now including diffpathhelper (a multi purpose tool for working on differential paths) and (only in the src package) an example bash-script cpc.sh that automatically performs a chosen-prefix collision attack on any 2 given files.
- 2009-06-16 Released sources and CUDA enabled windows binaries for the birthday search and for constructing differential paths (diffpathforward, diffpathbackward, diffpathconnect).
- 2009-06-11 Released birthday search source and executable (CUDA enabled).
Obtain Source Code
Obtain source code using the following subversion command at the command line:svn checkout https://svn.marc-stevens.nl/p/hashclash/trunk/ hashclash-read-only
Feedback
We welcome any feedback on new collision attacks, new applications for chosen-prefix collisions and any tweaks and optimizations of the hashclash programs. You can forward your feedback to this e-mail address: marc (at) marc-stevens (dot) nlCopyright
Copyright (C) 2009-2015 Marc Stevenshttp://marc-stevens.nl/research