[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: key-ed MD5 again

> From: Masataka Ohta <mohta@necom830.cc.titech.ac.jp>
> > Some significant analysts think that a single key at the beginning of
> > MD5 does not provide enough key material when the text is long.  The
> > MD5(key,MD5(text)) was suggested to improve the effect of the key in the
> > final hash.
> As MD5 is a chain of addition, a transitive 1-to-1 mapping, of
> hashed values, it is unlikely that the initial scrambling effect
> by the added hased key is weakened later.
An excellent question?  The conclusion was passed to me word of mouth.
But, looking at the algorithm, it seems to me that up to 4 bits of
influence can be lost from the high end of the sum on each block from
lost carry in the four registers.  As the text grows longer, less of the
initial key effect is seen.

It is that addition was used instead of xor that has this result.