带认证邮局协议的密钥恢复攻击

作者提出了一种新的针对带认证邮局协议的密钥恢复攻击,能够更快地恢复出密钥并能够恢复更多的密钥字符.基于通道技术和高级消息修改技术,提出了一种“群满足方案”来确定性地满足分而治之策略下最后一个通道首三步的所有充分条件,籍此提高MD5 (Message Digest Algorithm 5)碰撞对搜索的效率.并提出了一些新的通道来控制MD5碰撞对消息的更多比特的取值,比如可以构造出352比特值确定的MD5碰撞对.通过这些技术改进了多位信息确定的MD5碰撞对搜索效率,应用到APOP的密钥恢复攻击中不仅能够快速恢复长达31个字符的密钥,而且能够在实际时间内恢复长达43个字符的密钥.

Password Recovery Attack to Authentication Post Office Protocol

In this paper,we propose a new password recovery attack to Authentication Post Office Protocol(APOP),which can recover more password characters and faster.First,based on tunnel and advanced message modification technologies,we propose a "Group Satisfaction Scheme"to satisfy determinately all conditions of the first three successive steps of the last tunnel,to further improve Message Digest Algorithm 5(MD5) collision searching efficiency.Second,we propose some new tunnels to generate more meaningful characters during MD5 collision searching;for example,we can construct an MD5 collision pair with as many as 352 fixed bits.Combining with these technologies,we can improve the efficiency of MD5 collision searching with high number of chosen bits,hence,we can recover APOP passwords with 31 characters extremely fast,and can also recover passwords as long as 43 characters in practical time.