<!DOCTYPE html> <html class="client-nojs vector-feature-language-in-header-enabled vector-feature-language-in-main-page-header-disabled vector-feature-page-tools-pinned-disabled vector-feature-toc-pinned-clientpref-1 vector-feature-main-menu-pinned-disabled vector-feature-limited-width-clientpref-1 vector-feature-limited-width-content-enabled vector-feature-custom-font-size-clientpref-1 vector-feature-appearance-pinned-clientpref-1 vector-feature-night-mode-enabled skin-theme-clientpref-day vector-sticky-header-enabled vector-toc-available" lang="en" dir="ltr"> <head> <meta charset="UTF-8"> <title>Collision attack - Wikipedia</title> <script>(function(){var className="client-js vector-feature-language-in-header-enabled vector-feature-language-in-main-page-header-disabled vector-feature-page-tools-pinned-disabled vector-feature-toc-pinned-clientpref-1 vector-feature-main-menu-pinned-disabled vector-feature-limited-width-clientpref-1 vector-feature-limited-width-content-enabled vector-feature-custom-font-size-clientpref-1 vector-feature-appearance-pinned-clientpref-1 vector-feature-night-mode-enabled skin-theme-clientpref-day vector-sticky-header-enabled vector-toc-available";var cookie=document.cookie.match(/(?:^|; )enwikimwclientpreferences=([^;]+)/);if(cookie){cookie[1].split('%2C').forEach(function(pref){className=className.replace(new RegExp('(^| )'+pref.replace(/-clientpref-\w+$|[^\w-]+/g,'')+'-clientpref-\\w+( |$)'),'$1'+pref+'$2');});}document.documentElement.className=className;}());RLCONF={"wgBreakFrames":false,"wgSeparatorTransformTable":["",""],"wgDigitTransformTable":["",""],"wgDefaultDateFormat":"dmy", "wgMonthNames":["","January","February","March","April","May","June","July","August","September","October","November","December"],"wgRequestId":"db6f0cf3-1eb5-4065-b429-5e97f9ff9b79","wgCanonicalNamespace":"","wgCanonicalSpecialPageName":false,"wgNamespaceNumber":0,"wgPageName":"Collision_attack","wgTitle":"Collision attack","wgCurRevisionId":1224354243,"wgRevisionId":1224354243,"wgArticleId":969624,"wgIsArticle":true,"wgIsRedirect":false,"wgAction":"view","wgUserName":null,"wgUserGroups":["*"],"wgCategories":["CS1 errors: missing periodical","Webarchive template wayback links","Articles with short description","Short description matches Wikidata","Wikipedia articles needing context from February 2020","All Wikipedia articles needing context","All pages needing cleanup","All articles with unsourced statements","Articles with unsourced statements from September 2023","Cryptographic attacks","Cryptographic hash functions"],"wgPageViewLanguage":"en","wgPageContentLanguage":"en", "wgPageContentModel":"wikitext","wgRelevantPageName":"Collision_attack","wgRelevantArticleId":969624,"wgIsProbablyEditable":true,"wgRelevantPageIsProbablyEditable":true,"wgRestrictionEdit":[],"wgRestrictionMove":[],"wgNoticeProject":"wikipedia","wgCiteReferencePreviewsActive":false,"wgFlaggedRevsParams":{"tags":{"status":{"levels":1}}},"wgMediaViewerOnClick":true,"wgMediaViewerEnabledByDefault":true,"wgPopupsFlags":0,"wgVisualEditor":{"pageLanguageCode":"en","pageLanguageDir":"ltr","pageVariantFallbacks":"en"},"wgMFDisplayWikibaseDescriptions":{"search":true,"watchlist":true,"tagline":false,"nearby":true},"wgWMESchemaEditAttemptStepOversample":false,"wgWMEPageLength":20000,"wgEditSubmitButtonLabelPublish":true,"wgULSPosition":"interlanguage","wgULSisCompactLinksEnabled":false,"wgVector2022LanguageInHeader":true,"wgULSisLanguageSelectorEmpty":false,"wgWikibaseItemId":"Q389463","wgCheckUserClientHintsHeadersJsApi":["brands","architecture","bitness","fullVersionList","mobile","model", "platform","platformVersion"],"GEHomepageSuggestedEditsEnableTopics":true,"wgGETopicsMatchModeEnabled":false,"wgGEStructuredTaskRejectionReasonTextInputEnabled":false,"wgGELevelingUpEnabledForUser":false};RLSTATE={"ext.globalCssJs.user.styles":"ready","site.styles":"ready","user.styles":"ready","ext.globalCssJs.user":"ready","user":"ready","user.options":"loading","ext.cite.styles":"ready","skins.vector.search.codex.styles":"ready","skins.vector.styles":"ready","skins.vector.icons":"ready","jquery.makeCollapsible.styles":"ready","ext.wikimediamessages.styles":"ready","ext.visualEditor.desktopArticleTarget.noscript":"ready","ext.uls.interlanguage":"ready","wikibase.client.init":"ready","ext.wikimediaBadges":"ready"};RLPAGEMODULES=["ext.cite.ux-enhancements","site","mediawiki.page.ready","jquery.makeCollapsible","mediawiki.toc","skins.vector.js","ext.centralNotice.geoIP","ext.centralNotice.startUp","ext.gadget.ReferenceTooltips","ext.gadget.switcher","ext.urlShortener.toolbar", "ext.centralauth.centralautologin","mmv.bootstrap","ext.popups","ext.visualEditor.desktopArticleTarget.init","ext.visualEditor.targetLoader","ext.echo.centralauth","ext.eventLogging","ext.wikimediaEvents","ext.navigationTiming","ext.uls.interface","ext.cx.eventlogging.campaigns","ext.cx.uls.quick.actions","wikibase.client.vector-2022","ext.checkUser.clientHints","ext.growthExperiments.SuggestedEditSession"];</script> <script>(RLQ=window.RLQ||[]).push(function(){mw.loader.impl(function(){return["user.options@12s5i",function($,jQuery,require,module){mw.user.tokens.set({"patrolToken":"+\\","watchToken":"+\\","csrfToken":"+\\"}); }];});});</script> <link rel="stylesheet" href="/w/load.php?lang=en&amp;modules=ext.cite.styles%7Cext.uls.interlanguage%7Cext.visualEditor.desktopArticleTarget.noscript%7Cext.wikimediaBadges%7Cext.wikimediamessages.styles%7Cjquery.makeCollapsible.styles%7Cskins.vector.icons%2Cstyles%7Cskins.vector.search.codex.styles%7Cwikibase.client.init&amp;only=styles&amp;skin=vector-2022"> <script async="" src="/w/load.php?lang=en&amp;modules=startup&amp;only=scripts&amp;raw=1&amp;skin=vector-2022"></script> <meta name="ResourceLoaderDynamicStyles" content=""> <link rel="stylesheet" href="/w/load.php?lang=en&amp;modules=site.styles&amp;only=styles&amp;skin=vector-2022"> <meta name="generator" content="MediaWiki 1.44.0-wmf.15"> <meta name="referrer" content="origin"> <meta name="referrer" content="origin-when-cross-origin"> <meta name="robots" content="max-image-preview:standard"> <meta name="format-detection" content="telephone=no"> <meta name="viewport" content="width=1120"> <meta property="og:title" content="Collision attack - Wikipedia"> <meta property="og:type" content="website"> <link rel="preconnect" href="//upload.wikimedia.org"> <link rel="alternate" media="only screen and (max-width: 640px)" href="//en.m.wikipedia.org/wiki/Collision_attack"> <link rel="alternate" type="application/x-wiki" title="Edit this page" href="/w/index.php?title=Collision_attack&amp;action=edit"> <link rel="apple-touch-icon" href="/static/apple-touch/wikipedia.png"> <link rel="icon" href="/static/favicon/wikipedia.ico"> <link rel="search" type="application/opensearchdescription+xml" href="/w/rest.php/v1/search" title="Wikipedia (en)"> <link rel="EditURI" type="application/rsd+xml" href="//en.wikipedia.org/w/api.php?action=rsd"> <link rel="canonical" href="https://en.wikipedia.org/wiki/Collision_attack"> <link rel="license" href="https://creativecommons.org/licenses/by-sa/4.0/deed.en"> <link rel="alternate" type="application/atom+xml" title="Wikipedia Atom feed" href="/w/index.php?title=Special:RecentChanges&amp;feed=atom"> <link rel="dns-prefetch" href="//meta.wikimedia.org" /> <link rel="dns-prefetch" href="login.wikimedia.org"> </head> <body class="skin--responsive skin-vector skin-vector-search-vue mediawiki ltr sitedir-ltr mw-hide-empty-elt ns-0 ns-subject mw-editable page-Collision_attack rootpage-Collision_attack skin-vector-2022 action-view"><a class="mw-jump-link" href="#bodyContent">Jump to content</a> <div class="vector-header-container"> <header class="vector-header mw-header"> <div class="vector-header-start"> <nav class="vector-main-menu-landmark" aria-label="Site"> <div id="vector-main-menu-dropdown" class="vector-dropdown vector-main-menu-dropdown vector-button-flush-left vector-button-flush-right" title="Main menu" > <input type="checkbox" id="vector-main-menu-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-main-menu-dropdown" class="vector-dropdown-checkbox " aria-label="Main menu" > <label id="vector-main-menu-dropdown-label" for="vector-main-menu-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-menu mw-ui-icon-wikimedia-menu"></span> <span class="vector-dropdown-label-text">Main menu</span> </label> <div class="vector-dropdown-content"> <div id="vector-main-menu-unpinned-container" class="vector-unpinned-container"> <div id="vector-main-menu" class="vector-main-menu vector-pinnable-element"> <div class="vector-pinnable-header vector-main-menu-pinnable-header vector-pinnable-header-unpinned" data-feature-name="main-menu-pinned" data-pinnable-element-id="vector-main-menu" data-pinned-container-id="vector-main-menu-pinned-container" data-unpinned-container-id="vector-main-menu-unpinned-container" > <div class="vector-pinnable-header-label">Main menu</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-main-menu.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-main-menu.unpin">hide</button> </div> <div id="p-navigation" class="vector-menu mw-portlet mw-portlet-navigation" > <div class="vector-menu-heading"> Navigation </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="n-mainpage-description" class="mw-list-item"><a href="/wiki/Main_Page" title="Visit the main page [z]" accesskey="z"><span>Main page</span></a></li><li id="n-contents" class="mw-list-item"><a href="/wiki/Wikipedia:Contents" title="Guides to browsing Wikipedia"><span>Contents</span></a></li><li id="n-currentevents" class="mw-list-item"><a href="/wiki/Portal:Current_events" title="Articles related to current events"><span>Current events</span></a></li><li id="n-randompage" class="mw-list-item"><a href="/wiki/Special:Random" title="Visit a randomly selected article [x]" accesskey="x"><span>Random article</span></a></li><li id="n-aboutsite" class="mw-list-item"><a href="/wiki/Wikipedia:About" title="Learn about Wikipedia and how it works"><span>About Wikipedia</span></a></li><li id="n-contactpage" class="mw-list-item"><a href="//en.wikipedia.org/wiki/Wikipedia:Contact_us" title="How to contact Wikipedia"><span>Contact us</span></a></li> </ul> </div> </div> <div id="p-interaction" class="vector-menu mw-portlet mw-portlet-interaction" > <div class="vector-menu-heading"> Contribute </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="n-help" class="mw-list-item"><a href="/wiki/Help:Contents" title="Guidance on how to use and edit Wikipedia"><span>Help</span></a></li><li id="n-introduction" class="mw-list-item"><a href="/wiki/Help:Introduction" title="Learn how to edit Wikipedia"><span>Learn to edit</span></a></li><li id="n-portal" class="mw-list-item"><a href="/wiki/Wikipedia:Community_portal" title="The hub for editors"><span>Community portal</span></a></li><li id="n-recentchanges" class="mw-list-item"><a href="/wiki/Special:RecentChanges" title="A list of recent changes to Wikipedia [r]" accesskey="r"><span>Recent changes</span></a></li><li id="n-upload" class="mw-list-item"><a href="/wiki/Wikipedia:File_upload_wizard" title="Add images or other media for use on Wikipedia"><span>Upload file</span></a></li> </ul> </div> </div> </div> </div> </div> </div> </nav> <a href="/wiki/Main_Page" class="mw-logo"> <img class="mw-logo-icon" src="/static/images/icons/wikipedia.png" alt="" aria-hidden="true" height="50" width="50"> <span class="mw-logo-container skin-invert"> <img class="mw-logo-wordmark" alt="Wikipedia" src="/static/images/mobile/copyright/wikipedia-wordmark-en.svg" style="width: 7.5em; height: 1.125em;"> <img class="mw-logo-tagline" alt="The Free Encyclopedia" src="/static/images/mobile/copyright/wikipedia-tagline-en.svg" width="117" height="13" style="width: 7.3125em; height: 0.8125em;"> </span> </a> </div> <div class="vector-header-end"> <div id="p-search" role="search" class="vector-search-box-vue vector-search-box-collapses vector-search-box-show-thumbnail vector-search-box-auto-expand-width vector-search-box"> <a href="/wiki/Special:Search" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only search-toggle" title="Search Wikipedia [f]" accesskey="f"><span class="vector-icon mw-ui-icon-search mw-ui-icon-wikimedia-search"></span> <span>Search</span> </a> <div class="vector-typeahead-search-container"> <div class="cdx-typeahead-search cdx-typeahead-search--show-thumbnail cdx-typeahead-search--auto-expand-width"> <form action="/w/index.php" id="searchform" class="cdx-search-input cdx-search-input--has-end-button"> <div id="simpleSearch" class="cdx-search-input__input-wrapper" data-search-loc="header-moved"> <div class="cdx-text-input cdx-text-input--has-start-icon"> <input class="cdx-text-input__input" type="search" name="search" placeholder="Search Wikipedia" aria-label="Search Wikipedia" autocapitalize="sentences" title="Search Wikipedia [f]" accesskey="f" id="searchInput" > <span class="cdx-text-input__icon cdx-text-input__start-icon"></span> </div> <input type="hidden" name="title" value="Special:Search"> </div> <button class="cdx-button cdx-search-input__end-button">Search</button> </form> </div> </div> </div> <nav class="vector-user-links vector-user-links-wide" aria-label="Personal tools"> <div class="vector-user-links-main"> <div id="p-vector-user-menu-preferences" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <div id="p-vector-user-menu-userpage" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <nav class="vector-appearance-landmark" aria-label="Appearance"> <div id="vector-appearance-dropdown" class="vector-dropdown " title="Change the appearance of the page&#039;s font size, width, and color" > <input type="checkbox" id="vector-appearance-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-appearance-dropdown" class="vector-dropdown-checkbox " aria-label="Appearance" > <label id="vector-appearance-dropdown-label" for="vector-appearance-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-appearance mw-ui-icon-wikimedia-appearance"></span> <span class="vector-dropdown-label-text">Appearance</span> </label> <div class="vector-dropdown-content"> <div id="vector-appearance-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <div id="p-vector-user-menu-notifications" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <div id="p-vector-user-menu-overflow" class="vector-menu mw-portlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-sitesupport-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="https://donate.wikimedia.org/?wmf_source=donate&amp;wmf_medium=sidebar&amp;wmf_campaign=en.wikipedia.org&amp;uselang=en" class=""><span>Donate</span></a> </li> <li id="pt-createaccount-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="/w/index.php?title=Special:CreateAccount&amp;returnto=Collision+attack" title="You are encouraged to create an account and log in; however, it is not mandatory" class=""><span>Create account</span></a> </li> <li id="pt-login-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="/w/index.php?title=Special:UserLogin&amp;returnto=Collision+attack" title="You&#039;re encouraged to log in; however, it&#039;s not mandatory. [o]" accesskey="o" class=""><span>Log in</span></a> </li> </ul> </div> </div> </div> <div id="vector-user-links-dropdown" class="vector-dropdown vector-user-menu vector-button-flush-right vector-user-menu-logged-out" title="Log in and more options" > <input type="checkbox" id="vector-user-links-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-user-links-dropdown" class="vector-dropdown-checkbox " aria-label="Personal tools" > <label id="vector-user-links-dropdown-label" for="vector-user-links-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-ellipsis mw-ui-icon-wikimedia-ellipsis"></span> <span class="vector-dropdown-label-text">Personal tools</span> </label> <div class="vector-dropdown-content"> <div id="p-personal" class="vector-menu mw-portlet mw-portlet-personal user-links-collapsible-item" title="User menu" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-sitesupport" class="user-links-collapsible-item mw-list-item"><a href="https://donate.wikimedia.org/?wmf_source=donate&amp;wmf_medium=sidebar&amp;wmf_campaign=en.wikipedia.org&amp;uselang=en"><span>Donate</span></a></li><li id="pt-createaccount" class="user-links-collapsible-item mw-list-item"><a href="/w/index.php?title=Special:CreateAccount&amp;returnto=Collision+attack" title="You are encouraged to create an account and log in; however, it is not mandatory"><span class="vector-icon mw-ui-icon-userAdd mw-ui-icon-wikimedia-userAdd"></span> <span>Create account</span></a></li><li id="pt-login" class="user-links-collapsible-item mw-list-item"><a href="/w/index.php?title=Special:UserLogin&amp;returnto=Collision+attack" title="You&#039;re encouraged to log in; however, it&#039;s not mandatory. [o]" accesskey="o"><span class="vector-icon mw-ui-icon-logIn mw-ui-icon-wikimedia-logIn"></span> <span>Log in</span></a></li> </ul> </div> </div> <div id="p-user-menu-anon-editor" class="vector-menu mw-portlet mw-portlet-user-menu-anon-editor" > <div class="vector-menu-heading"> Pages for logged out editors <a href="/wiki/Help:Introduction" aria-label="Learn more about editing"><span>learn more</span></a> </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-anoncontribs" class="mw-list-item"><a href="/wiki/Special:MyContributions" title="A list of edits made from this IP address [y]" accesskey="y"><span>Contributions</span></a></li><li id="pt-anontalk" class="mw-list-item"><a href="/wiki/Special:MyTalk" title="Discussion about edits from this IP address [n]" accesskey="n"><span>Talk</span></a></li> </ul> </div> </div> </div> </div> </nav> </div> </header> </div> <div class="mw-page-container"> <div class="mw-page-container-inner"> <div class="vector-sitenotice-container"> <div id="siteNotice"><!-- CentralNotice --></div> </div> <div class="vector-column-start"> <div class="vector-main-menu-container"> <div id="mw-navigation"> <nav id="mw-panel" class="vector-main-menu-landmark" aria-label="Site"> <div id="vector-main-menu-pinned-container" class="vector-pinned-container"> </div> </nav> </div> </div> <div class="vector-sticky-pinned-container"> <nav id="mw-panel-toc" aria-label="Contents" data-event-name="ui.sidebar-toc" class="mw-table-of-contents-container vector-toc-landmark"> <div id="vector-toc-pinned-container" class="vector-pinned-container"> <div id="vector-toc" class="vector-toc vector-pinnable-element"> <div class="vector-pinnable-header vector-toc-pinnable-header vector-pinnable-header-pinned" data-feature-name="toc-pinned" data-pinnable-element-id="vector-toc" > <h2 class="vector-pinnable-header-label">Contents</h2> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-toc.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-toc.unpin">hide</button> </div> <ul class="vector-toc-contents" id="mw-panel-toc-list"> <li id="toc-mw-content-text" class="vector-toc-list-item vector-toc-level-1"> <a href="#" class="vector-toc-link"> <div class="vector-toc-text">(Top)</div> </a> </li> <li id="toc-Classical_collision_attack" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Classical_collision_attack"> <div class="vector-toc-text"> <span class="vector-toc-numb">1</span> <span>Classical collision attack</span> </div> </a> <ul id="toc-Classical_collision_attack-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Chosen-prefix_collision_attack" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Chosen-prefix_collision_attack"> <div class="vector-toc-text"> <span class="vector-toc-numb">2</span> <span>Chosen-prefix collision attack</span> </div> </a> <ul id="toc-Chosen-prefix_collision_attack-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Attack_scenarios" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Attack_scenarios"> <div class="vector-toc-text"> <span class="vector-toc-numb">3</span> <span>Attack scenarios</span> </div> </a> <button aria-controls="toc-Attack_scenarios-sublist" class="cdx-button cdx-button--weight-quiet cdx-button--icon-only vector-toc-toggle"> <span class="vector-icon mw-ui-icon-wikimedia-expand"></span> <span>Toggle Attack scenarios subsection</span> </button> <ul id="toc-Attack_scenarios-sublist" class="vector-toc-list"> <li id="toc-Digital_signatures" class="vector-toc-list-item vector-toc-level-2"> <a class="vector-toc-link" href="#Digital_signatures"> <div class="vector-toc-text"> <span class="vector-toc-numb">3.1</span> <span>Digital signatures</span> </div> </a> <ul id="toc-Digital_signatures-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Hash_flooding" class="vector-toc-list-item vector-toc-level-2"> <a class="vector-toc-link" href="#Hash_flooding"> <div class="vector-toc-text"> <span class="vector-toc-numb">3.2</span> <span>Hash flooding</span> </div> </a> <ul id="toc-Hash_flooding-sublist" class="vector-toc-list"> </ul> </li> </ul> </li> <li id="toc-See_also" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#See_also"> <div class="vector-toc-text"> <span class="vector-toc-numb">4</span> <span>See also</span> </div> </a> <ul id="toc-See_also-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-References" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#References"> <div class="vector-toc-text"> <span class="vector-toc-numb">5</span> <span>References</span> </div> </a> <ul id="toc-References-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-External_links" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#External_links"> <div class="vector-toc-text"> <span class="vector-toc-numb">6</span> <span>External links</span> </div> </a> <ul id="toc-External_links-sublist" class="vector-toc-list"> </ul> </li> </ul> </div> </div> </nav> </div> </div> <div class="mw-content-container"> <main id="content" class="mw-body"> <header class="mw-body-header vector-page-titlebar"> <nav aria-label="Contents" class="vector-toc-landmark"> <div id="vector-page-titlebar-toc" class="vector-dropdown vector-page-titlebar-toc vector-button-flush-left" title="Table of Contents" > <input type="checkbox" id="vector-page-titlebar-toc-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-page-titlebar-toc" class="vector-dropdown-checkbox " aria-label="Toggle the table of contents" > <label id="vector-page-titlebar-toc-label" for="vector-page-titlebar-toc-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-listBullet mw-ui-icon-wikimedia-listBullet"></span> <span class="vector-dropdown-label-text">Toggle the table of contents</span> </label> <div class="vector-dropdown-content"> <div id="vector-page-titlebar-toc-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <h1 id="firstHeading" class="firstHeading mw-first-heading"><span class="mw-page-title-main">Collision attack</span></h1> <div id="p-lang-btn" class="vector-dropdown mw-portlet mw-portlet-lang" > <input type="checkbox" id="p-lang-btn-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-p-lang-btn" class="vector-dropdown-checkbox mw-interlanguage-selector" aria-label="Go to an article in another language. Available in 11 languages" > <label id="p-lang-btn-label" for="p-lang-btn-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--action-progressive mw-portlet-lang-heading-11" aria-hidden="true" ><span class="vector-icon mw-ui-icon-language-progressive mw-ui-icon-wikimedia-language-progressive"></span> <span class="vector-dropdown-label-text">11 languages</span> </label> <div class="vector-dropdown-content"> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li class="interlanguage-link interwiki-ca mw-list-item"><a href="https://ca.wikipedia.org/wiki/Atac_de_col%C2%B7lisi%C3%B3" title="Atac de col·lisió – Catalan" lang="ca" hreflang="ca" data-title="Atac de col·lisió" data-language-autonym="Català" data-language-local-name="Catalan" class="interlanguage-link-target"><span>Català</span></a></li><li class="interlanguage-link interwiki-cs mw-list-item"><a href="https://cs.wikipedia.org/wiki/%C3%9Atok_nalezen%C3%ADm_kolize" title="Útok nalezením kolize – Czech" lang="cs" hreflang="cs" data-title="Útok nalezením kolize" data-language-autonym="Čeština" data-language-local-name="Czech" class="interlanguage-link-target"><span>Čeština</span></a></li><li class="interlanguage-link interwiki-de mw-list-item"><a href="https://de.wikipedia.org/wiki/Kollisionsangriff" title="Kollisionsangriff – German" lang="de" hreflang="de" data-title="Kollisionsangriff" data-language-autonym="Deutsch" data-language-local-name="German" class="interlanguage-link-target"><span>Deutsch</span></a></li><li class="interlanguage-link interwiki-es mw-list-item"><a href="https://es.wikipedia.org/wiki/Ataque_de_colisi%C3%B3n" title="Ataque de colisión – Spanish" lang="es" hreflang="es" data-title="Ataque de colisión" data-language-autonym="Español" data-language-local-name="Spanish" class="interlanguage-link-target"><span>Español</span></a></li><li class="interlanguage-link interwiki-fa mw-list-item"><a href="https://fa.wikipedia.org/wiki/%D8%AD%D9%85%D9%84%D9%87_%D8%AA%D8%B5%D8%A7%D8%AF%D9%85" title="حمله تصادم – Persian" lang="fa" hreflang="fa" data-title="حمله تصادم" data-language-autonym="فارسی" data-language-local-name="Persian" class="interlanguage-link-target"><span>فارسی</span></a></li><li class="interlanguage-link interwiki-fr mw-list-item"><a href="https://fr.wikipedia.org/wiki/Attaque_de_collisions" title="Attaque de collisions – French" lang="fr" hreflang="fr" data-title="Attaque de collisions" data-language-autonym="Français" data-language-local-name="French" class="interlanguage-link-target"><span>Français</span></a></li><li class="interlanguage-link interwiki-ko mw-list-item"><a href="https://ko.wikipedia.org/wiki/%EC%B6%A9%EB%8F%8C_%EA%B3%B5%EA%B2%A9" title="충돌 공격 – Korean" lang="ko" hreflang="ko" data-title="충돌 공격" data-language-autonym="한국어" data-language-local-name="Korean" class="interlanguage-link-target"><span>한국어</span></a></li><li class="interlanguage-link interwiki-he mw-list-item"><a href="https://he.wikipedia.org/wiki/%D7%94%D7%AA%D7%A7%D7%A4%D7%AA_%D7%94%D7%AA%D7%A0%D7%92%D7%A9%D7%95%D7%99%D7%95%D7%AA" title="התקפת התנגשויות – Hebrew" lang="he" hreflang="he" data-title="התקפת התנגשויות" data-language-autonym="עברית" data-language-local-name="Hebrew" class="interlanguage-link-target"><span>עברית</span></a></li><li class="interlanguage-link interwiki-ru mw-list-item"><a href="https://ru.wikipedia.org/wiki/%D0%9A%D0%BE%D0%BB%D0%BB%D0%B8%D0%B7%D0%B8%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F_%D0%B0%D1%82%D0%B0%D0%BA%D0%B0" title="Коллизионная атака – Russian" lang="ru" hreflang="ru" data-title="Коллизионная атака" data-language-autonym="Русский" data-language-local-name="Russian" class="interlanguage-link-target"><span>Русский</span></a></li><li class="interlanguage-link interwiki-tr mw-list-item"><a href="https://tr.wikipedia.org/wiki/%C3%87arp%C4%B1%C5%9Fma_sald%C4%B1r%C4%B1s%C4%B1" title="Çarpışma saldırısı – Turkish" lang="tr" hreflang="tr" data-title="Çarpışma saldırısı" data-language-autonym="Türkçe" data-language-local-name="Turkish" class="interlanguage-link-target"><span>Türkçe</span></a></li><li class="interlanguage-link interwiki-uk mw-list-item"><a href="https://uk.wikipedia.org/wiki/%D0%9A%D0%BE%D0%BB%D1%96%D0%B7%D1%96%D0%B9%D0%BD%D0%B0_%D0%B0%D1%82%D0%B0%D0%BA%D0%B0" title="Колізійна атака – Ukrainian" lang="uk" hreflang="uk" data-title="Колізійна атака" data-language-autonym="Українська" data-language-local-name="Ukrainian" class="interlanguage-link-target"><span>Українська</span></a></li> </ul> <div class="after-portlet after-portlet-lang"><span class="wb-langlinks-edit wb-langlinks-link"><a href="https://www.wikidata.org/wiki/Special:EntityPage/Q389463#sitelinks-wikipedia" title="Edit interlanguage links" class="wbc-editpage">Edit links</a></span></div> </div> </div> </div> </header> <div class="vector-page-toolbar"> <div class="vector-page-toolbar-container"> <div id="left-navigation"> <nav aria-label="Namespaces"> <div id="p-associated-pages" class="vector-menu vector-menu-tabs mw-portlet mw-portlet-associated-pages" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-nstab-main" class="selected vector-tab-noicon mw-list-item"><a href="/wiki/Collision_attack" title="View the content page [c]" accesskey="c"><span>Article</span></a></li><li id="ca-talk" class="vector-tab-noicon mw-list-item"><a href="/wiki/Talk:Collision_attack" rel="discussion" title="Discuss improvements to the content page [t]" accesskey="t"><span>Talk</span></a></li> </ul> </div> </div> <div id="vector-variants-dropdown" class="vector-dropdown emptyPortlet" > <input type="checkbox" id="vector-variants-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-variants-dropdown" class="vector-dropdown-checkbox " aria-label="Change language variant" > <label id="vector-variants-dropdown-label" for="vector-variants-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet" aria-hidden="true" ><span class="vector-dropdown-label-text">English</span> </label> <div class="vector-dropdown-content"> <div id="p-variants" class="vector-menu mw-portlet mw-portlet-variants emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> </div> </div> </nav> </div> <div id="right-navigation" class="vector-collapsible"> <nav aria-label="Views"> <div id="p-views" class="vector-menu vector-menu-tabs mw-portlet mw-portlet-views" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-view" class="selected vector-tab-noicon mw-list-item"><a href="/wiki/Collision_attack"><span>Read</span></a></li><li id="ca-edit" class="vector-tab-noicon mw-list-item"><a href="/w/index.php?title=Collision_attack&amp;action=edit" title="Edit this page [e]" accesskey="e"><span>Edit</span></a></li><li id="ca-history" class="vector-tab-noicon mw-list-item"><a href="/w/index.php?title=Collision_attack&amp;action=history" title="Past revisions of this page [h]" accesskey="h"><span>View history</span></a></li> </ul> </div> </div> </nav> <nav class="vector-page-tools-landmark" aria-label="Page tools"> <div id="vector-page-tools-dropdown" class="vector-dropdown vector-page-tools-dropdown" > <input type="checkbox" id="vector-page-tools-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-page-tools-dropdown" class="vector-dropdown-checkbox " aria-label="Tools" > <label id="vector-page-tools-dropdown-label" for="vector-page-tools-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet" aria-hidden="true" ><span class="vector-dropdown-label-text">Tools</span> </label> <div class="vector-dropdown-content"> <div id="vector-page-tools-unpinned-container" class="vector-unpinned-container"> <div id="vector-page-tools" class="vector-page-tools vector-pinnable-element"> <div class="vector-pinnable-header vector-page-tools-pinnable-header vector-pinnable-header-unpinned" data-feature-name="page-tools-pinned" data-pinnable-element-id="vector-page-tools" data-pinned-container-id="vector-page-tools-pinned-container" data-unpinned-container-id="vector-page-tools-unpinned-container" > <div class="vector-pinnable-header-label">Tools</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-page-tools.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-page-tools.unpin">hide</button> </div> <div id="p-cactions" class="vector-menu mw-portlet mw-portlet-cactions emptyPortlet vector-has-collapsible-items" title="More options" > <div class="vector-menu-heading"> Actions </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-more-view" class="selected vector-more-collapsible-item mw-list-item"><a href="/wiki/Collision_attack"><span>Read</span></a></li><li id="ca-more-edit" class="vector-more-collapsible-item mw-list-item"><a href="/w/index.php?title=Collision_attack&amp;action=edit" title="Edit this page [e]" accesskey="e"><span>Edit</span></a></li><li id="ca-more-history" class="vector-more-collapsible-item mw-list-item"><a href="/w/index.php?title=Collision_attack&amp;action=history"><span>View history</span></a></li> </ul> </div> </div> <div id="p-tb" class="vector-menu mw-portlet mw-portlet-tb" > <div class="vector-menu-heading"> General </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="t-whatlinkshere" class="mw-list-item"><a href="/wiki/Special:WhatLinksHere/Collision_attack" title="List of all English Wikipedia pages containing links to this page [j]" accesskey="j"><span>What links here</span></a></li><li id="t-recentchangeslinked" class="mw-list-item"><a href="/wiki/Special:RecentChangesLinked/Collision_attack" rel="nofollow" title="Recent changes in pages linked from this page [k]" accesskey="k"><span>Related changes</span></a></li><li id="t-upload" class="mw-list-item"><a href="//en.wikipedia.org/wiki/Wikipedia:File_Upload_Wizard" title="Upload files [u]" accesskey="u"><span>Upload file</span></a></li><li id="t-specialpages" class="mw-list-item"><a href="/wiki/Special:SpecialPages" title="A list of all special pages [q]" accesskey="q"><span>Special pages</span></a></li><li id="t-permalink" class="mw-list-item"><a href="/w/index.php?title=Collision_attack&amp;oldid=1224354243" title="Permanent link to this revision of this page"><span>Permanent link</span></a></li><li id="t-info" class="mw-list-item"><a href="/w/index.php?title=Collision_attack&amp;action=info" title="More information about this page"><span>Page information</span></a></li><li id="t-cite" class="mw-list-item"><a href="/w/index.php?title=Special:CiteThisPage&amp;page=Collision_attack&amp;id=1224354243&amp;wpFormIdentifier=titleform" title="Information on how to cite this page"><span>Cite this page</span></a></li><li id="t-urlshortener" class="mw-list-item"><a href="/w/index.php?title=Special:UrlShortener&amp;url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FCollision_attack"><span>Get shortened URL</span></a></li><li id="t-urlshortener-qrcode" class="mw-list-item"><a href="/w/index.php?title=Special:QrCode&amp;url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FCollision_attack"><span>Download QR code</span></a></li> </ul> </div> </div> <div id="p-coll-print_export" class="vector-menu mw-portlet mw-portlet-coll-print_export" > <div class="vector-menu-heading"> Print/export </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="coll-download-as-rl" class="mw-list-item"><a href="/w/index.php?title=Special:DownloadAsPdf&amp;page=Collision_attack&amp;action=show-download-screen" title="Download this page as a PDF file"><span>Download as PDF</span></a></li><li id="t-print" class="mw-list-item"><a href="/w/index.php?title=Collision_attack&amp;printable=yes" title="Printable version of this page [p]" accesskey="p"><span>Printable version</span></a></li> </ul> </div> </div> <div id="p-wikibase-otherprojects" class="vector-menu mw-portlet mw-portlet-wikibase-otherprojects" > <div class="vector-menu-heading"> In other projects </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="t-wikibase" class="wb-otherproject-link wb-otherproject-wikibase-dataitem mw-list-item"><a href="https://www.wikidata.org/wiki/Special:EntityPage/Q389463" title="Structured data on this page hosted by Wikidata [g]" accesskey="g"><span>Wikidata item</span></a></li> </ul> </div> </div> </div> </div> </div> </div> </nav> </div> </div> </div> <div class="vector-column-end"> <div class="vector-sticky-pinned-container"> <nav class="vector-page-tools-landmark" aria-label="Page tools"> <div id="vector-page-tools-pinned-container" class="vector-pinned-container"> </div> </nav> <nav class="vector-appearance-landmark" aria-label="Appearance"> <div id="vector-appearance-pinned-container" class="vector-pinned-container"> <div id="vector-appearance" class="vector-appearance vector-pinnable-element"> <div class="vector-pinnable-header vector-appearance-pinnable-header vector-pinnable-header-pinned" data-feature-name="appearance-pinned" data-pinnable-element-id="vector-appearance" data-pinned-container-id="vector-appearance-pinned-container" data-unpinned-container-id="vector-appearance-unpinned-container" > <div class="vector-pinnable-header-label">Appearance</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-appearance.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-appearance.unpin">hide</button> </div> </div> </div> </nav> </div> </div> <div id="bodyContent" class="vector-body" aria-labelledby="firstHeading" data-mw-ve-target-container> <div class="vector-body-before-content"> <div class="mw-indicators"> </div> <div id="siteSub" class="noprint">From Wikipedia, the free encyclopedia</div> </div> <div id="contentSub"><div id="mw-content-subtitle"></div></div> <div id="mw-content-text" class="mw-body-content"><div class="mw-content-ltr mw-parser-output" lang="en" dir="ltr"><div class="shortdescription nomobile noexcerpt noprint searchaux" style="display:none">Cryptographic attack</div> <style data-mw-deduplicate="TemplateStyles:r1251242444">.mw-parser-output .ambox{border:1px solid #a2a9b1;border-left:10px solid #36c;background-color:#fbfbfb;box-sizing:border-box}.mw-parser-output .ambox+link+.ambox,.mw-parser-output .ambox+link+style+.ambox,.mw-parser-output .ambox+link+link+.ambox,.mw-parser-output .ambox+.mw-empty-elt+link+.ambox,.mw-parser-output .ambox+.mw-empty-elt+link+style+.ambox,.mw-parser-output .ambox+.mw-empty-elt+link+link+.ambox{margin-top:-1px}html body.mediawiki .mw-parser-output .ambox.mbox-small-left{margin:4px 1em 4px 0;overflow:hidden;width:238px;border-collapse:collapse;font-size:88%;line-height:1.25em}.mw-parser-output .ambox-speedy{border-left:10px solid #b32424;background-color:#fee7e6}.mw-parser-output .ambox-delete{border-left:10px solid #b32424}.mw-parser-output .ambox-content{border-left:10px solid #f28500}.mw-parser-output .ambox-style{border-left:10px solid #fc3}.mw-parser-output .ambox-move{border-left:10px solid #9932cc}.mw-parser-output .ambox-protection{border-left:10px solid #a2a9b1}.mw-parser-output .ambox .mbox-text{border:none;padding:0.25em 0.5em;width:100%}.mw-parser-output .ambox .mbox-image{border:none;padding:2px 0 2px 0.5em;text-align:center}.mw-parser-output .ambox .mbox-imageright{border:none;padding:2px 0.5em 2px 0;text-align:center}.mw-parser-output .ambox .mbox-empty-cell{border:none;padding:0;width:1px}.mw-parser-output .ambox .mbox-image-div{width:52px}@media(min-width:720px){.mw-parser-output .ambox{margin:0 10%}}@media print{body.ns-0 .mw-parser-output .ambox{display:none!important}}</style><table class="box-Context plainlinks metadata ambox ambox-style ambox-Context" role="presentation"><tbody><tr><td class="mbox-image"><div class="mbox-image-div"><span typeof="mw:File"><span><img alt="" src="//upload.wikimedia.org/wikipedia/en/thumb/f/f2/Edit-clear.svg/40px-Edit-clear.svg.png" decoding="async" width="40" height="40" class="mw-file-element" srcset="//upload.wikimedia.org/wikipedia/en/thumb/f/f2/Edit-clear.svg/60px-Edit-clear.svg.png 1.5x, //upload.wikimedia.org/wikipedia/en/thumb/f/f2/Edit-clear.svg/80px-Edit-clear.svg.png 2x" data-file-width="48" data-file-height="48" /></span></span></div></td><td class="mbox-text"><div class="mbox-text-span">This article <b>provides insufficient context for those unfamiliar with the subject</b>.<span class="hide-when-compact"> Please help <a class="external text" href="https://en.wikipedia.org/w/index.php?title=Collision_attack&amp;action=edit">improve the article</a> by <a href="/wiki/Wikipedia:Writing_better_articles#Provide_context_for_the_reader" title="Wikipedia:Writing better articles">providing more context for the reader</a>.</span> <span class="date-container"><i>(<span class="date">February 2020</span>)</i></span><span class="hide-when-compact"><i> (<small><a href="/wiki/Help:Maintenance_template_removal" title="Help:Maintenance template removal">Learn how and when to remove this message</a></small>)</i></span></div></td></tr></tbody></table> <p>In <a href="/wiki/Cryptography" title="Cryptography">cryptography</a>, a <b>collision attack</b> on a <a href="/wiki/Cryptographic_hash" class="mw-redirect" title="Cryptographic hash">cryptographic hash</a> tries to find two inputs producing the same hash value, i.e. a <a href="/wiki/Hash_collision" title="Hash collision">hash collision</a>. This is in contrast to a <a href="/wiki/Preimage_attack" title="Preimage attack">preimage attack</a> where a specific target hash value is specified. </p><p>There are roughly two types of collision attacks: </p> <dl><dt>Classical collision attack</dt> <dd>Find two different messages <i>m</i>₁ and <i>m</i>₂ such that <i>hash</i>(<i>m</i>₁) = <i>hash</i>(<i>m</i>₂).</dd></dl> <p>More generally: </p> <dl><dt>Chosen-prefix collision attack</dt> <dd>Given two different prefixes <i>p</i>₁ and <i>p</i>₂, find two suffixes <i>s</i>₁ and <i>s</i>₂ such that <i>hash</i>(<i>p</i>₁ ∥ <i>s</i>₁) = <i>hash</i>(<i>p</i>₂ ∥ <i>s</i>₂), where ∥ denotes the <a href="/wiki/Concatenation" title="Concatenation">concatenation</a> operation.</dd></dl> <meta property="mw:PageProp/toc" /> <div class="mw-heading mw-heading2"><h2 id="Classical_collision_attack">Classical collision attack</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Collision_attack&amp;action=edit&amp;section=1" title="Edit section: Classical collision attack"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>Much like <a href="/wiki/Symmetric-key_cipher" class="mw-redirect" title="Symmetric-key cipher">symmetric-key ciphers</a> are vulnerable to <a href="/wiki/Brute_force_attack" class="mw-redirect" title="Brute force attack">brute force attacks</a>, every <a href="/wiki/Cryptographic_hash_function" title="Cryptographic hash function">cryptographic hash function</a> is inherently vulnerable to collisions using a <a href="/wiki/Birthday_attack" title="Birthday attack">birthday attack</a>. Due to the <a href="/wiki/Birthday_problem" title="Birthday problem">birthday problem</a>, these attacks are much faster than a brute force would be. A hash of <i>n</i> bits can be broken in 2^<i>n</i>/2 time steps (evaluations of the hash function). </p><p>Mathematically stated, a collision attack finds two different messages <i>m1</i> and <i>m2</i>, such that <i>hash(m1)</i> = <i>hash(m2)</i>. In a classical collision attack, the attacker has no control over the content of either message, but they are arbitrarily chosen by the algorithm. </p><p>More efficient attacks are possible by employing <a href="/wiki/Cryptanalysis" title="Cryptanalysis">cryptanalysis</a> to specific hash functions. When a collision attack is discovered and is found to be faster than a birthday attack, a hash function is often denounced as "broken". The <a href="/wiki/NIST_hash_function_competition" title="NIST hash function competition">NIST hash function competition</a> was largely induced by published collision attacks against two very commonly used hash functions, <a href="/wiki/MD5" title="MD5">MD5</a><sup id="cite_ref-md5-2004_1-0" class="reference"><a href="#cite_note-md5-2004-1"><span class="cite-bracket">&#91;</span>1<span class="cite-bracket">&#93;</span></a></sup> and <a href="/wiki/SHA-1" title="SHA-1">SHA-1</a>. The collision attacks against MD5 have improved so much that, as of 2007, it takes just a few seconds on a regular computer.<sup id="cite_ref-2" class="reference"><a href="#cite_note-2"><span class="cite-bracket">&#91;</span>2<span class="cite-bracket">&#93;</span></a></sup> Hash collisions created this way are usually constant length and largely unstructured, so cannot directly be applied to attack widespread document formats or protocols. </p><p>However, workarounds are possible by abusing dynamic constructs present in many formats. In this way, two documents would be created which are as similar as possible in order to have the same hash value. One document would be shown to an authority to be signed, and then the signature could be copied to the other file. Such a malicious document would contain two different messages in the same document, but conditionally display one or the other through subtle changes to the file: </p> <ul><li>Some document formats like <a href="/wiki/PostScript" title="PostScript">PostScript</a>, or <a href="/wiki/Macro_(computer_science)" title="Macro (computer science)">macros</a> in <a href="/wiki/Microsoft_Word" title="Microsoft Word">Microsoft Word</a>, have conditional constructs.<sup id="cite_ref-3" class="reference"><a href="#cite_note-3"><span class="cite-bracket">&#91;</span>3<span class="cite-bracket">&#93;</span></a></sup><sup id="cite_ref-special-file-formats_4-0" class="reference"><a href="#cite_note-special-file-formats-4"><span class="cite-bracket">&#91;</span>4<span class="cite-bracket">&#93;</span></a></sup> (if-then-else) that allow testing whether a location in the file has one value or another in order to control what is displayed.</li> <li><a href="/wiki/TIFF" title="TIFF">TIFF</a> files can contain cropped images, with a different part of an image being displayed without affecting the hash value.<sup id="cite_ref-special-file-formats_4-1" class="reference"><a href="#cite_note-special-file-formats-4"><span class="cite-bracket">&#91;</span>4<span class="cite-bracket">&#93;</span></a></sup></li> <li><a href="/wiki/PDF" title="PDF">PDF</a> files are vulnerable to collision attacks by using color value (such that text of one message is displayed with a white color that blends into the background, and text of the other message is displayed with a dark color) which can then be altered to change the signed document's content.<sup id="cite_ref-special-file-formats_4-2" class="reference"><a href="#cite_note-special-file-formats-4"><span class="cite-bracket">&#91;</span>4<span class="cite-bracket">&#93;</span></a></sup></li></ul> <div class="mw-heading mw-heading2"><h2 id="Chosen-prefix_collision_attack">Chosen-prefix collision attack</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Collision_attack&amp;action=edit&amp;section=2" title="Edit section: Chosen-prefix collision attack"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>An extension of the collision attack is the chosen-prefix collision attack, which is specific to <a href="/wiki/Merkle%E2%80%93Damg%C3%A5rd_construction" title="Merkle–Damgård construction">Merkle–Damgård hash functions</a>. In this case, the attacker can choose two arbitrarily different documents, and then append different calculated values that result in the whole documents having an equal hash value. This attack is normally harder, a hash of n bits can be broken in 2^(n/2)+1 time steps, but is much more powerful than a classical collision attack. </p><p>Mathematically stated, given two different prefixes <i>p</i>₁, <i>p</i>₂, the attack finds two suffixes <i>s</i>₁ and <i>s</i>₂ such that <i>hash</i>(<i>p</i>₁ ∥ <i>s</i>₁) = <i>hash</i>(<i>p</i>₂ ∥ <i>s</i>₂) (where ∥ is the <a href="/wiki/Concatenation" title="Concatenation">concatenation</a> operation). </p><p>More efficient attacks are also possible by employing <a href="/wiki/Cryptanalysis" title="Cryptanalysis">cryptanalysis</a> to specific hash functions. In 2007, a chosen-prefix collision attack was found against MD5, requiring roughly 2⁵⁰ evaluations of the MD5 function. The paper also demonstrates two <a href="/wiki/X.509" title="X.509">X.509</a> certificates for different domain names, with colliding hash values. This means that a <a href="/wiki/Certificate_authority" title="Certificate authority">certificate authority</a> could be asked to sign a certificate for one domain, and then that certificate (specially its signature) could be used to create a new rogue certificate to impersonate another domain.<sup id="cite_ref-md5-chosen-2007_5-0" class="reference"><a href="#cite_note-md5-chosen-2007-5"><span class="cite-bracket">&#91;</span>5<span class="cite-bracket">&#93;</span></a></sup> </p><p>A real-world collision attack was published in December 2008 when a group of security researchers published a forged <a href="/wiki/X.509" title="X.509">X.509</a> signing certificate that could be used to impersonate a <a href="/wiki/Certificate_authority" title="Certificate authority">certificate authority</a>, taking advantage of a prefix collision attack against the MD5 hash function. This meant that an attacker could impersonate any <a href="/wiki/Transport_Layer_Security" title="Transport Layer Security">SSL</a>-secured website as a <a href="/wiki/Man-in-the-middle" class="mw-redirect" title="Man-in-the-middle">man-in-the-middle</a>, thereby subverting the certificate validation built in every <a href="/wiki/Web_browser" title="Web browser">web browser</a> to protect <a href="/wiki/Electronic_commerce" class="mw-redirect" title="Electronic commerce">electronic commerce</a>. The rogue certificate may not be revokable by real authorities, and could also have an arbitrary forged expiry time. Even though MD5 was known to be very weak in 2004,<sup id="cite_ref-md5-2004_1-1" class="reference"><a href="#cite_note-md5-2004-1"><span class="cite-bracket">&#91;</span>1<span class="cite-bracket">&#93;</span></a></sup> certificate authorities were still willing to sign MD5-verified certificates in December 2008,<sup id="cite_ref-6" class="reference"><a href="#cite_note-6"><span class="cite-bracket">&#91;</span>6<span class="cite-bracket">&#93;</span></a></sup> and at least one Microsoft code-signing certificate was still using MD5 in May 2012. </p><p>The <a href="/wiki/Flame_(malware)" title="Flame (malware)">Flame</a> malware successfully used a new variation of a chosen-prefix collision attack to spoof <a href="/wiki/Code_signing" title="Code signing">code signing</a> of its components by a Microsoft root certificate that still used the compromised MD5 algorithm.<sup id="cite_ref-7" class="reference"><a href="#cite_note-7"><span class="cite-bracket">&#91;</span>7<span class="cite-bracket">&#93;</span></a></sup><sup id="cite_ref-8" class="reference"><a href="#cite_note-8"><span class="cite-bracket">&#91;</span>8<span class="cite-bracket">&#93;</span></a></sup> </p><p>In 2019, researchers found a chosen-prefix collision attack against <a href="/wiki/SHA-1" title="SHA-1">SHA-1</a> with computing complexity between 2^66.9 and 2^69.4 and cost less than 100,000 US dollars. <sup id="cite_ref-SHA-1_collision_attacks_are_now_actually_practical_and_a_looming_danger_2019_9-0" class="reference"><a href="#cite_note-SHA-1_collision_attacks_are_now_actually_practical_and_a_looming_danger_2019-9"><span class="cite-bracket">&#91;</span>9<span class="cite-bracket">&#93;</span></a></sup><sup id="cite_ref-Collisions_of_Chosen-Prefix_Collisions_SHA-1_2019_10-0" class="reference"><a href="#cite_note-Collisions_of_Chosen-Prefix_Collisions_SHA-1_2019-10"><span class="cite-bracket">&#91;</span>10<span class="cite-bracket">&#93;</span></a></sup> In 2020, researchers reduced the complexity of a chosen-prefix collision attack against SHA-1 to 2^63.4. <sup id="cite_ref-SHA-1_is_a_Shambles_-_First_Chosen-Prefix_Collision_on_SHA-1_and_Application_to_the_PGP_Web_of_Trust_11-0" class="reference"><a href="#cite_note-SHA-1_is_a_Shambles_-_First_Chosen-Prefix_Collision_on_SHA-1_and_Application_to_the_PGP_Web_of_Trust-11"><span class="cite-bracket">&#91;</span>11<span class="cite-bracket">&#93;</span></a></sup> </p> <div class="mw-heading mw-heading2"><h2 id="Attack_scenarios">Attack scenarios</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Collision_attack&amp;action=edit&amp;section=3" title="Edit section: Attack scenarios"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>Many applications of cryptographic hash functions do not rely on <a href="/wiki/Collision_resistance" title="Collision resistance">collision resistance</a>, thus collision attacks do not affect their security. For example, <a href="/wiki/HMAC" title="HMAC">HMACs</a> are not vulnerable.<sup id="cite_ref-collision-qna_12-0" class="reference"><a href="#cite_note-collision-qna-12"><span class="cite-bracket">&#91;</span>12<span class="cite-bracket">&#93;</span></a></sup> For the attack to be useful, the attacker must be in control of the input to the hash function. </p> <div class="mw-heading mw-heading3"><h3 id="Digital_signatures">Digital signatures</h3><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Collision_attack&amp;action=edit&amp;section=4" title="Edit section: Digital signatures"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>Because <a href="/wiki/Digital_signature" title="Digital signature">digital signature</a> algorithms cannot sign a large amount of data efficiently, most implementations use a hash function to reduce ("compress") the amount of data that needs to be signed down to a constant size. Digital signature schemes often become vulnerable to hash collisions as soon as the underlying hash function is practically broken; techniques like randomized (salted) hashing will buy extra time by requiring the harder <a href="/wiki/Preimage_attack" title="Preimage attack">preimage attack</a>.<sup id="cite_ref-13" class="reference"><a href="#cite_note-13"><span class="cite-bracket">&#91;</span>13<span class="cite-bracket">&#93;</span></a></sup> </p><p>The usual attack scenario goes like this: </p> <ol><li>Mallory creates two different documents A and B that have an identical hash value, i.e., a collision. Mallory seeks to deceive Bob into accepting document B, ostensibly from Alice.</li> <li>Mallory <b>sends document A to Alice</b>, who agrees to what the document says, signs its hash, and sends the signature to Mallory.</li> <li>Mallory attaches the signature from document A to document B.</li> <li>Mallory then <b>sends the signature and document B to Bob</b>, claiming that Alice signed B. Because the digital signature matches document B's hash, Bob's software is unable to detect the substitution.<sup class="noprint Inline-Template Template-Fact" style="white-space:nowrap;">&#91;<i><a href="/wiki/Wikipedia:Citation_needed" title="Wikipedia:Citation needed"><span title="This claim needs references to reliable sources. (September 2023)">citation needed</span></a></i>&#93;</sup></li></ol> <p>In 2008, researchers used a chosen-prefix collision attack against <a href="/wiki/MD5" title="MD5">MD5</a> using this scenario, to produce a rogue <a href="/wiki/Certificate_authority" title="Certificate authority">certificate authority</a> certificate. They created two versions of a <a href="/wiki/Transport_Layer_Security" title="Transport Layer Security">TLS</a> <a href="/wiki/Public_key_certificate" title="Public key certificate">public key certificate</a>, one of which appeared legitimate and was submitted for signing by the RapidSSL certificate authority. The second version, which had the same MD5 hash, contained flags which signal web browsers to accept it as a legitimate authority for issuing arbitrary other certificates.<sup id="cite_ref-14" class="reference"><a href="#cite_note-14"><span class="cite-bracket">&#91;</span>14<span class="cite-bracket">&#93;</span></a></sup> </p> <div class="mw-heading mw-heading3"><h3 id="Hash_flooding">Hash flooding</h3><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Collision_attack&amp;action=edit&amp;section=5" title="Edit section: Hash flooding"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p><b>Hash flooding</b> (also known as <b>HashDoS</b><sup id="cite_ref-15" class="reference"><a href="#cite_note-15"><span class="cite-bracket">&#91;</span>15<span class="cite-bracket">&#93;</span></a></sup>) is a <a href="/wiki/Denial_of_service" class="mw-redirect" title="Denial of service">denial of service</a> attack that uses hash collisions to exploit the worst-case (linear probe) runtime of <a href="/wiki/Hash_table" title="Hash table">hash table</a> lookups.<sup id="cite_ref-v8_16-0" class="reference"><a href="#cite_note-v8-16"><span class="cite-bracket">&#91;</span>16<span class="cite-bracket">&#93;</span></a></sup> It was originally described in 2003. To execute such an attack, the attacker sends the server multiple pieces of data that hash to the same value and then tries to get the server to perform slow lookups. As the main focus of hash functions used in hash tables was speed instead of security, most major programming languages were affected,<sup id="cite_ref-17" class="reference"><a href="#cite_note-17"><span class="cite-bracket">&#91;</span>17<span class="cite-bracket">&#93;</span></a></sup> with new vulnerabilities of this class still showing up a decade after the original presentation.<sup id="cite_ref-v8_16-1" class="reference"><a href="#cite_note-v8-16"><span class="cite-bracket">&#91;</span>16<span class="cite-bracket">&#93;</span></a></sup> </p><p>To prevent hash flooding without making the hash function overly complex, newer <a href="/wiki/Keyed_hash_function" class="mw-redirect" title="Keyed hash function">keyed hash functions</a> are introduced, with the security objective that collisions are hard to find as long as the key is unknown. They may be slower than previous hashes, but are still much easier to compute than cryptographic hashes. As of 2021, Jean-Philippe Aumasson and <a href="/wiki/Daniel_J._Bernstein" title="Daniel J. Bernstein">Daniel J. Bernstein</a>'s <a href="/wiki/SipHash" title="SipHash">SipHash</a> (2012) is the most widely-used hash function in this class.<sup id="cite_ref-SipHash_18-0" class="reference"><a href="#cite_note-SipHash-18"><span class="cite-bracket">&#91;</span>18<span class="cite-bracket">&#93;</span></a></sup> (Non-keyed "simple" hashes remain safe to use as long as the application's hash table is not controllable from the outside.) </p><p>It is possible to perform an analogous attack to fill up <a href="/wiki/Bloom_filter" title="Bloom filter">Bloom filters</a> using a (partial) preimage attack.<sup id="cite_ref-19" class="reference"><a href="#cite_note-19"><span class="cite-bracket">&#91;</span>19<span class="cite-bracket">&#93;</span></a></sup> </p> <div class="mw-heading mw-heading2"><h2 id="See_also">See also</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Collision_attack&amp;action=edit&amp;section=6" title="Edit section: See also"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <ul><li><a href="/wiki/Puzzle_friendliness" title="Puzzle friendliness">Puzzle friendliness</a></li></ul> <div class="mw-heading mw-heading2"><h2 id="References">References</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Collision_attack&amp;action=edit&amp;section=7" title="Edit section: References"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <style data-mw-deduplicate="TemplateStyles:r1239543626">.mw-parser-output .reflist{margin-bottom:0.5em;list-style-type:decimal}@media screen{.mw-parser-output .reflist{font-size:90%}}.mw-parser-output .reflist .references{font-size:100%;margin-bottom:0;list-style-type:inherit}.mw-parser-output .reflist-columns-2{column-width:30em}.mw-parser-output .reflist-columns-3{column-width:25em}.mw-parser-output .reflist-columns{margin-top:0.3em}.mw-parser-output .reflist-columns ol{margin-top:0}.mw-parser-output .reflist-columns li{page-break-inside:avoid;break-inside:avoid-column}.mw-parser-output .reflist-upper-alpha{list-style-type:upper-alpha}.mw-parser-output .reflist-upper-roman{list-style-type:upper-roman}.mw-parser-output .reflist-lower-alpha{list-style-type:lower-alpha}.mw-parser-output .reflist-lower-greek{list-style-type:lower-greek}.mw-parser-output .reflist-lower-roman{list-style-type:lower-roman}</style><div class="reflist"> <div class="mw-references-wrap mw-references-columns"><ol class="references"> <li id="cite_note-md5-2004-1"><span class="mw-cite-backlink">^ <a href="#cite_ref-md5-2004_1-0">^{<i><b>a</b></i>}</a> <a href="#cite_ref-md5-2004_1-1">^{<i><b>b</b></i>}</a></span> <span class="reference-text">Xiaoyun Wang, Dengguo Feng, Xuejia Lai, Hongbo Yu: <a rel="nofollow" class="external text" href="http://eprint.iacr.org/2004/199">Collisions for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD</a>, Cryptology ePrint Archive Report 2004/199, 16 Aug 2004, revised 17 Aug 2004. Retrieved July 27, 2008.</span> </li> <li id="cite_note-2"><span class="mw-cite-backlink"><b><a href="#cite_ref-2">^</a></b></span> <span class="reference-text"><style data-mw-deduplicate="TemplateStyles:r1238218222">.mw-parser-output cite.citation{font-style:inherit;word-wrap:break-word}.mw-parser-output .citation q{quotes:"\"""\"""'""'"}.mw-parser-output .citation:target{background-color:rgba(0,127,255,0.133)}.mw-parser-output .id-lock-free.id-lock-free a{background:url("//upload.wikimedia.org/wikipedia/commons/6/65/Lock-green.svg")right 0.1em center/9px no-repeat}.mw-parser-output .id-lock-limited.id-lock-limited a,.mw-parser-output .id-lock-registration.id-lock-registration a{background:url("//upload.wikimedia.org/wikipedia/commons/d/d6/Lock-gray-alt-2.svg")right 0.1em center/9px no-repeat}.mw-parser-output .id-lock-subscription.id-lock-subscription a{background:url("//upload.wikimedia.org/wikipedia/commons/a/aa/Lock-red-alt-2.svg")right 0.1em center/9px no-repeat}.mw-parser-output .cs1-ws-icon a{background:url("//upload.wikimedia.org/wikipedia/commons/4/4c/Wikisource-logo.svg")right 0.1em center/12px no-repeat}body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-free a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-limited a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-registration a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-subscription a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .cs1-ws-icon a{background-size:contain;padding:0 1em 0 0}.mw-parser-output .cs1-code{color:inherit;background:inherit;border:none;padding:inherit}.mw-parser-output .cs1-hidden-error{display:none;color:var(--color-error,#d33)}.mw-parser-output .cs1-visible-error{color:var(--color-error,#d33)}.mw-parser-output .cs1-maint{display:none;color:#085;margin-left:0.3em}.mw-parser-output .cs1-kern-left{padding-left:0.2em}.mw-parser-output .cs1-kern-right{padding-right:0.2em}.mw-parser-output .citation .mw-selflink{font-weight:inherit}@media screen{.mw-parser-output .cs1-format{font-size:95%}html.skin-theme-clientpref-night .mw-parser-output .cs1-maint{color:#18911f}}@media screen and (prefers-color-scheme:dark){html.skin-theme-clientpref-os .mw-parser-output .cs1-maint{color:#18911f}}</style><cite id="CITEREFM.M.J._Stevens2007" class="citation journal cs1">M.M.J. Stevens (June 2007). <a rel="nofollow" class="external text" href="http://www.win.tue.nl/hashclash/On%20Collisions%20for%20MD5%20-%20M.M.J.%20Stevens.pdf">"On Collisions for MD5"</a> <span class="cs1-format">(PDF)</span>. <q>[...] we are able to find collisions for MD5 in about 2^24.1 compressions for recommended IHVs which takes approx. 6 seconds on a 2.6GHz Pentium 4.</q></cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=article&amp;rft.atitle=On+Collisions+for+MD5&amp;rft.date=2007-06&amp;rft.au=M.M.J.+Stevens&amp;rft_id=http%3A%2F%2Fwww.win.tue.nl%2Fhashclash%2FOn%2520Collisions%2520for%2520MD5%2520-%2520M.M.J.%2520Stevens.pdf&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ACollision+attack" class="Z3988"></span> <span class="cs1-visible-error citation-comment"><code class="cs1-code">{{<a href="/wiki/Template:Cite_journal" title="Template:Cite journal">cite journal</a>}}</code>: </span><span class="cs1-visible-error citation-comment">Cite journal requires <code class="cs1-code">&#124;journal=</code> (<a href="/wiki/Help:CS1_errors#missing_periodical" title="Help:CS1 errors">help</a>)</span></span> </li> <li id="cite_note-3"><span class="mw-cite-backlink"><b><a href="#cite_ref-3">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFMagnus_DaumStefan_Lucks" class="citation web cs1">Magnus Daum; <a href="/wiki/Stefan_Lucks" title="Stefan Lucks">Stefan Lucks</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20100327141611/http://th.informatik.uni-mannheim.de/people/lucks/HashCollisions/">"Hash Collisions (The Poisoned Message Attack)"</a>. <i><a href="/wiki/Eurocrypt" class="mw-redirect" title="Eurocrypt">Eurocrypt</a> 2005 rump session</i>. Archived from <a rel="nofollow" class="external text" href="http://th.informatik.uni-mannheim.de/People/lucks/HashCollisions/">the original</a> on 2010-03-27.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=unknown&amp;rft.jtitle=Eurocrypt+2005+rump+session&amp;rft.atitle=Hash+Collisions+%28The+Poisoned+Message+Attack%29&amp;rft.au=Magnus+Daum&amp;rft.au=Stefan+Lucks&amp;rft_id=http%3A%2F%2Fth.informatik.uni-mannheim.de%2FPeople%2Flucks%2FHashCollisions%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ACollision+attack" class="Z3988"></span></span> </li> <li id="cite_note-special-file-formats-4"><span class="mw-cite-backlink">^ <a href="#cite_ref-special-file-formats_4-0">^{<i><b>a</b></i>}</a> <a href="#cite_ref-special-file-formats_4-1">^{<i><b>b</b></i>}</a> <a href="#cite_ref-special-file-formats_4-2">^{<i><b>c</b></i>}</a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFMax_GebhardtGeorg_IlliesWerner_Schindler2017" class="citation journal cs1">Max Gebhardt; Georg Illies; Werner Schindler (4 January 2017). <a rel="nofollow" class="external text" href="http://csrc.nist.gov/groups/ST/hash/documents/Illies_NIST_05.pdf">"A Note on the Practical Value of Single Hash Collisions for Special File Formats"</a> <span class="cs1-format">(PDF)</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=article&amp;rft.atitle=A+Note+on+the+Practical+Value+of+Single+Hash+Collisions+for+Special+File+Formats&amp;rft.date=2017-01-04&amp;rft.au=Max+Gebhardt&amp;rft.au=Georg+Illies&amp;rft.au=Werner+Schindler&amp;rft_id=http%3A%2F%2Fcsrc.nist.gov%2Fgroups%2FST%2Fhash%2Fdocuments%2FIllies_NIST_05.pdf&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ACollision+attack" class="Z3988"></span> <span class="cs1-visible-error citation-comment"><code class="cs1-code">{{<a href="/wiki/Template:Cite_journal" title="Template:Cite journal">cite journal</a>}}</code>: </span><span class="cs1-visible-error citation-comment">Cite journal requires <code class="cs1-code">&#124;journal=</code> (<a href="/wiki/Help:CS1_errors#missing_periodical" title="Help:CS1 errors">help</a>)</span></span> </li> <li id="cite_note-md5-chosen-2007-5"><span class="mw-cite-backlink"><b><a href="#cite_ref-md5-chosen-2007_5-0">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFMarc_StevensArjen_LenstraBenne_de_Weger2007" class="citation book cs1">Marc Stevens; Arjen Lenstra; Benne de Weger (2007-11-30). <a rel="nofollow" class="external text" href="http://www.win.tue.nl/hashclash/ChosenPrefixCollisions/">"Chosen-Prefix Collisions for MD5 and Colliding X.509 Certificates for Different Identities"</a>. <i>Advances in Cryptology - EUROCRYPT 2007</i>. Lecture Notes in Computer Science. Vol.&#160;4515. p.&#160;1. <a href="/wiki/Bibcode_(identifier)" class="mw-redirect" title="Bibcode (identifier)">Bibcode</a>:<a rel="nofollow" class="external text" href="https://ui.adsabs.harvard.edu/abs/2007LNCS.4515....1S">2007LNCS.4515....1S</a>. <a href="/wiki/Doi_(identifier)" class="mw-redirect" title="Doi (identifier)">doi</a>:<span class="id-lock-free" title="Freely accessible"><a rel="nofollow" class="external text" href="https://doi.org/10.1007%2F978-3-540-72540-4_1">10.1007/978-3-540-72540-4_1</a></span>. <a href="/wiki/ISBN_(identifier)" class="mw-redirect" title="ISBN (identifier)">ISBN</a>&#160;<a href="/wiki/Special:BookSources/978-3-540-72539-8" title="Special:BookSources/978-3-540-72539-8"><bdi>978-3-540-72539-8</bdi></a>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=bookitem&amp;rft.atitle=Chosen-Prefix+Collisions+for+MD5+and+Colliding+X.509+Certificates+for+Different+Identities&amp;rft.btitle=Advances+in+Cryptology+-+EUROCRYPT+2007&amp;rft.series=Lecture+Notes+in+Computer+Science&amp;rft.pages=1&amp;rft.date=2007-11-30&amp;rft_id=info%3Adoi%2F10.1007%2F978-3-540-72540-4_1&amp;rft_id=info%3Abibcode%2F2007LNCS.4515....1S&amp;rft.isbn=978-3-540-72539-8&amp;rft.au=Marc+Stevens&amp;rft.au=Arjen+Lenstra&amp;rft.au=Benne+de+Weger&amp;rft_id=http%3A%2F%2Fwww.win.tue.nl%2Fhashclash%2FChosenPrefixCollisions%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ACollision+attack" class="Z3988"></span></span> </li> <li id="cite_note-6"><span class="mw-cite-backlink"><b><a href="#cite_ref-6">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFAlexander_Sotirov2008" class="citation web cs1">Alexander Sotirov; et&#160;al. (2008-12-30). <a rel="nofollow" class="external text" href="https://web.archive.org/web/20120418172628/http://www.phreedom.org/research/rogue-ca/">"Creating a rogue CA certificate"</a>. Archived from <a rel="nofollow" class="external text" href="http://www.phreedom.org/research/rogue-ca/">the original</a> on 2012-04-18<span class="reference-accessdate">. Retrieved <span class="nowrap">2009-10-07</span></span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Creating+a+rogue+CA+certificate&amp;rft.date=2008-12-30&amp;rft.au=Alexander+Sotirov&amp;rft_id=http%3A%2F%2Fwww.phreedom.org%2Fresearch%2Frogue-ca%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ACollision+attack" class="Z3988"></span></span> </li> <li id="cite_note-7"><span class="mw-cite-backlink"><b><a href="#cite_ref-7">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20120607215605/http://blogs.technet.com/b/msrc/archive/2012/06/03/microsoft-releases-security-advisory-2718704.aspx?Redirected=true">"Microsoft releases Security Advisory 2718704"</a>. <a href="/wiki/Microsoft" title="Microsoft">Microsoft</a>. 3 June 2012. Archived from <a rel="nofollow" class="external text" href="http://blogs.technet.com/b/msrc/archive/2012/06/03/microsoft-releases-security-advisory-2718704.aspx?Redirected=true">the original</a> on 7 June 2012<span class="reference-accessdate">. Retrieved <span class="nowrap">4 June</span> 2012</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Microsoft+releases+Security+Advisory+2718704&amp;rft.pub=Microsoft&amp;rft.date=2012-06-03&amp;rft_id=http%3A%2F%2Fblogs.technet.com%2Fb%2Fmsrc%2Farchive%2F2012%2F06%2F03%2Fmicrosoft-releases-security-advisory-2718704.aspx%3FRedirected%3Dtrue&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ACollision+attack" class="Z3988"></span></span> </li> <li id="cite_note-8"><span class="mw-cite-backlink"><b><a href="#cite_ref-8">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFMarc_Stevens2012" class="citation web cs1">Marc Stevens (7 June 2012). <a rel="nofollow" class="external text" href="http://www.cwi.nl/news/2012/cwi-cryptanalist-discovers-new-cryptographic-attack-variant-in-flame-spy-malware">"CWI Cryptanalist Discovers New Cryptographic Attack Variant in Flame Spy Malware"</a>. Centrum Wiskunde &amp; Informatica<span class="reference-accessdate">. Retrieved <span class="nowrap">9 June</span> 2012</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=CWI+Cryptanalist+Discovers+New+Cryptographic+Attack+Variant+in+Flame+Spy+Malware&amp;rft.pub=Centrum+Wiskunde+%26+Informatica&amp;rft.date=2012-06-07&amp;rft.au=Marc+Stevens&amp;rft_id=http%3A%2F%2Fwww.cwi.nl%2Fnews%2F2012%2Fcwi-cryptanalist-discovers-new-cryptographic-attack-variant-in-flame-spy-malware&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ACollision+attack" class="Z3988"></span></span> </li> <li id="cite_note-SHA-1_collision_attacks_are_now_actually_practical_and_a_looming_danger_2019-9"><span class="mw-cite-backlink"><b><a href="#cite_ref-SHA-1_collision_attacks_are_now_actually_practical_and_a_looming_danger_2019_9-0">^</a></b></span> <span class="reference-text"> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFCatalin_Cimpanu2019" class="citation news cs1">Catalin Cimpanu (2019-05-13). <a rel="nofollow" class="external text" href="https://www.zdnet.com/article/sha-1-collision-attacks-are-now-actually-practical-and-a-looming-danger/">"SHA-1 collision attacks are now actually practical and a looming danger"</a>. <i>ZDNet</i>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=article&amp;rft.jtitle=ZDNet&amp;rft.atitle=SHA-1+collision+attacks+are+now+actually+practical+and+a+looming+danger&amp;rft.date=2019-05-13&amp;rft.au=Catalin+Cimpanu&amp;rft_id=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fsha-1-collision-attacks-are-now-actually-practical-and-a-looming-danger%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ACollision+attack" class="Z3988"></span> </span> </li> <li id="cite_note-Collisions_of_Chosen-Prefix_Collisions_SHA-1_2019-10"><span class="mw-cite-backlink"><b><a href="#cite_ref-Collisions_of_Chosen-Prefix_Collisions_SHA-1_2019_10-0">^</a></b></span> <span class="reference-text"> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFGaëtan_LeurentThomas_Peyrin2019" class="citation web cs1">Gaëtan Leurent; Thomas Peyrin (2019-05-06). <a rel="nofollow" class="external text" href="https://eprint.iacr.org/2019/459.pdf">"From Collisions to Chosen-Prefix Collisions Application to Full SHA-1"</a> <span class="cs1-format">(PDF)</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=From+Collisions+to+Chosen-Prefix+Collisions+Application+to+Full+SHA-1&amp;rft.date=2019-05-06&amp;rft.au=Ga%C3%ABtan+Leurent&amp;rft.au=Thomas+Peyrin&amp;rft_id=https%3A%2F%2Feprint.iacr.org%2F2019%2F459.pdf&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ACollision+attack" class="Z3988"></span> </span> </li> <li id="cite_note-SHA-1_is_a_Shambles_-_First_Chosen-Prefix_Collision_on_SHA-1_and_Application_to_the_PGP_Web_of_Trust-11"><span class="mw-cite-backlink"><b><a href="#cite_ref-SHA-1_is_a_Shambles_-_First_Chosen-Prefix_Collision_on_SHA-1_and_Application_to_the_PGP_Web_of_Trust_11-0">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFGaëtan_LeurentThomas_Peyrin2020" class="citation web cs1">Gaëtan Leurent; Thomas Peyrin (2020-01-05). <a rel="nofollow" class="external text" href="https://eprint.iacr.org/2020/014.pdf">"SHA-1 is a Shambles - First Chosen-Prefix Collision on SHA-1 and Application to the PGP Web of Trust"</a> <span class="cs1-format">(PDF)</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=SHA-1+is+a+Shambles+-+First+Chosen-Prefix+Collision+on+SHA-1+and+Application+to+the+PGP+Web+of+Trust&amp;rft.date=2020-01-05&amp;rft.au=Ga%C3%ABtan+Leurent&amp;rft.au=Thomas+Peyrin&amp;rft_id=https%3A%2F%2Feprint.iacr.org%2F2020%2F014.pdf&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ACollision+attack" class="Z3988"></span></span> </li> <li id="cite_note-collision-qna-12"><span class="mw-cite-backlink"><b><a href="#cite_ref-collision-qna_12-0">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20080717103333/http://www.cryptography.com/cnews/hash.html">"Hash Collision Q&amp;A"</a>. Cryptography Research Inc. 2005-02-15. Archived from <a rel="nofollow" class="external text" href="http://www.cryptography.com/cnews/hash.html">the original</a> on 2008-07-17. <q>Because of the way hash functions are used in the HMAC construction, the techniques used in these recent attacks do not apply</q></cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Hash+Collision+Q%26A&amp;rft.pub=Cryptography+Research+Inc.&amp;rft.date=2005-02-15&amp;rft_id=http%3A%2F%2Fwww.cryptography.com%2Fcnews%2Fhash.html&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ACollision+attack" class="Z3988"></span></span> </li> <li id="cite_note-13"><span class="mw-cite-backlink"><b><a href="#cite_ref-13">^</a></b></span> <span class="reference-text">Shai Halevi and Hugo Krawczyk, <a rel="nofollow" class="external text" href="http://www.ee.technion.ac.il/~hugo/rhash/">Randomized Hashing and Digital Signatures</a> <a rel="nofollow" class="external text" href="https://web.archive.org/web/20090620072808/http://www.ee.technion.ac.il/~hugo/rhash/">Archived</a> 2009-06-20 at the <a href="/wiki/Wayback_Machine" title="Wayback Machine">Wayback Machine</a></span> </li> <li id="cite_note-14"><span class="mw-cite-backlink"><b><a href="#cite_ref-14">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFAlexander_SotirovMarc_StevensJacob_AppelbaumArjen_Lenstra2008" class="citation conference cs1">Alexander Sotirov; Marc Stevens; Jacob Appelbaum; Arjen Lenstra; David Molnar; Dag Arne Osvik; Benne de Weger (30 December 2008). <a rel="nofollow" class="external text" href="http://www.win.tue.nl/hashclash/rogue-ca/"><i>MD5 considered harmful today</i></a>. <a href="/wiki/Chaos_Communication_Congress" title="Chaos Communication Congress">Chaos Communication Congress</a> 2008.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=conference&amp;rft.btitle=MD5+considered+harmful+today&amp;rft.date=2008-12-30&amp;rft.au=Alexander+Sotirov&amp;rft.au=Marc+Stevens&amp;rft.au=Jacob+Appelbaum&amp;rft.au=Arjen+Lenstra&amp;rft.au=David+Molnar&amp;rft.au=Dag+Arne+Osvik&amp;rft.au=Benne+de+Weger&amp;rft_id=http%3A%2F%2Fwww.win.tue.nl%2Fhashclash%2Frogue-ca%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ACollision+attack" class="Z3988"></span></span> </li> <li id="cite_note-15"><span class="mw-cite-backlink"><b><a href="#cite_ref-15">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFFalkenbergMainkaSomorovskySchwenk2013" class="citation book cs1">Falkenberg, Andreas; Mainka, Christian; Somorovsky, Juraj; Schwenk, Jörg (2013). "A New Approach towards DoS Penetration Testing on Web Services". <i>2013 IEEE 20th International Conference on Web Services</i>. pp.&#160;<span class="nowrap">491–</span>498. <a href="/wiki/Doi_(identifier)" class="mw-redirect" title="Doi (identifier)">doi</a>:<a rel="nofollow" class="external text" href="https://doi.org/10.1109%2FICWS.2013.72">10.1109/ICWS.2013.72</a>. <a href="/wiki/ISBN_(identifier)" class="mw-redirect" title="ISBN (identifier)">ISBN</a>&#160;<a href="/wiki/Special:BookSources/978-0-7695-5025-1" title="Special:BookSources/978-0-7695-5025-1"><bdi>978-0-7695-5025-1</bdi></a>. <a href="/wiki/S2CID_(identifier)" class="mw-redirect" title="S2CID (identifier)">S2CID</a>&#160;<a rel="nofollow" class="external text" href="https://api.semanticscholar.org/CorpusID:17805370">17805370</a>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=bookitem&amp;rft.atitle=A+New+Approach+towards+DoS+Penetration+Testing+on+Web+Services&amp;rft.btitle=2013+IEEE+20th+International+Conference+on+Web+Services&amp;rft.pages=%3Cspan+class%3D%22nowrap%22%3E491-%3C%2Fspan%3E498&amp;rft.date=2013&amp;rft_id=https%3A%2F%2Fapi.semanticscholar.org%2FCorpusID%3A17805370%23id-name%3DS2CID&amp;rft_id=info%3Adoi%2F10.1109%2FICWS.2013.72&amp;rft.isbn=978-0-7695-5025-1&amp;rft.aulast=Falkenberg&amp;rft.aufirst=Andreas&amp;rft.au=Mainka%2C+Christian&amp;rft.au=Somorovsky%2C+Juraj&amp;rft.au=Schwenk%2C+J%C3%B6rg&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ACollision+attack" class="Z3988"></span></span> </li> <li id="cite_note-v8-16"><span class="mw-cite-backlink">^ <a href="#cite_ref-v8_16-0">^{<i><b>a</b></i>}</a> <a href="#cite_ref-v8_16-1">^{<i><b>b</b></i>}</a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://v8.dev/blog/hash-flooding">"About that hash flooding vulnerability in Node.js... · V8"</a>. <i>v8.dev</i>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=unknown&amp;rft.jtitle=v8.dev&amp;rft.atitle=About+that+hash+flooding+vulnerability+in+Node.js...+%C2%B7+V8&amp;rft_id=https%3A%2F%2Fv8.dev%2Fblog%2Fhash-flooding&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ACollision+attack" class="Z3988"></span></span> </li> <li id="cite_note-17"><span class="mw-cite-backlink"><b><a href="#cite_ref-17">^</a></b></span> <span class="reference-text">Scott A. Crosby and Dan S. Wallach. 2003. Denial of service via algorithmic complexity attacks. In Proceedings of the 12th conference on USENIX Security Symposium - Volume 12 (SSYM'03), Vol. 12. USENIX Association, Berkeley, CA, USA, 3-3.</span> </li> <li id="cite_note-SipHash-18"><span class="mw-cite-backlink"><b><a href="#cite_ref-SipHash_18-0">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFJean-Philippe_AumassonDaniel_J._Bernstein2012" class="citation web cs1">Jean-Philippe Aumasson &amp; <a href="/wiki/Daniel_J._Bernstein" title="Daniel J. Bernstein">Daniel J. Bernstein</a> (2012-09-18). <a rel="nofollow" class="external text" href="https://131002.net/siphash/siphash.pdf">"SipHash: a fast short-input PRF"</a> <span class="cs1-format">(PDF)</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=SipHash%3A+a+fast+short-input+PRF&amp;rft.date=2012-09-18&amp;rft.au=Jean-Philippe+Aumasson&amp;rft.au=Daniel+J.+Bernstein&amp;rft_id=https%3A%2F%2F131002.net%2Fsiphash%2Fsiphash.pdf&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ACollision+attack" class="Z3988"></span></span> </li> <li id="cite_note-19"><span class="mw-cite-backlink"><b><a href="#cite_ref-19">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFGerbetKumarLauradoux2014" class="citation thesis cs1">Gerbet, Thomas; Kumar, Amrit; Lauradoux, Cédric (12 November 2014). <a rel="nofollow" class="external text" href="https://hal.inria.fr/hal-01082158v2"><i>The Power of Evil Choices in Bloom Filters</i></a> (report). INRIA Grenoble.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Adissertation&amp;rft.title=The+Power+of+Evil+Choices+in+Bloom+Filters&amp;rft.inst=INRIA+Grenoble&amp;rft.date=2014-11-12&amp;rft.aulast=Gerbet&amp;rft.aufirst=Thomas&amp;rft.au=Kumar%2C+Amrit&amp;rft.au=Lauradoux%2C+C%C3%A9dric&amp;rft_id=https%3A%2F%2Fhal.inria.fr%2Fhal-01082158v2&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ACollision+attack" class="Z3988"></span></span> </li> </ol></div></div> <div class="mw-heading mw-heading2"><h2 id="External_links">External links</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Collision_attack&amp;action=edit&amp;section=8" title="Edit section: External links"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <ul><li><a rel="nofollow" class="external text" href="https://web.archive.org/web/20151222161723/http://www.iaik.tugraz.at/content/research/krypto/sha1/MeaningfulCollisions.php">"Meaningful Collisions", attack scenarios for exploiting cryptographic hash collisions</a></li> <li><a rel="nofollow" class="external text" href="http://www.bishopfox.com/resources/tools/other-free-tools/md4md5-collision-code/">Fast MD5 and MD4 Collision Generators</a> - Bishop Fox (formerly Stach &amp; Liu). Create MD4 and MD5 hash collisions using groundbreaking new code that improves upon the techniques originally developed by Xiaoyun Wang. Using a 1.6&#160;GHz Pentium 4, MD5 collisions can be generated in an average of 45 minutes, and MD4 collisions can be generated in an average of 5 seconds. Originally released on 22Jun2006.</li></ul> <div class="navbox-styles"><style data-mw-deduplicate="TemplateStyles:r1129693374">.mw-parser-output .hlist dl,.mw-parser-output .hlist ol,.mw-parser-output .hlist ul{margin:0;padding:0}.mw-parser-output .hlist dd,.mw-parser-output .hlist dt,.mw-parser-output .hlist li{margin:0;display:inline}.mw-parser-output .hlist.inline,.mw-parser-output .hlist.inline dl,.mw-parser-output .hlist.inline ol,.mw-parser-output .hlist.inline ul,.mw-parser-output .hlist dl dl,.mw-parser-output .hlist dl ol,.mw-parser-output .hlist dl ul,.mw-parser-output .hlist ol dl,.mw-parser-output .hlist ol ol,.mw-parser-output .hlist ol ul,.mw-parser-output .hlist ul dl,.mw-parser-output .hlist ul ol,.mw-parser-output .hlist ul ul{display:inline}.mw-parser-output .hlist .mw-empty-li{display:none}.mw-parser-output .hlist dt::after{content:": "}.mw-parser-output .hlist dd::after,.mw-parser-output .hlist li::after{content:" · ";font-weight:bold}.mw-parser-output .hlist dd:last-child::after,.mw-parser-output .hlist dt:last-child::after,.mw-parser-output .hlist li:last-child::after{content:none}.mw-parser-output .hlist dd dd:first-child::before,.mw-parser-output .hlist dd dt:first-child::before,.mw-parser-output .hlist dd li:first-child::before,.mw-parser-output .hlist dt dd:first-child::before,.mw-parser-output .hlist dt dt:first-child::before,.mw-parser-output .hlist dt li:first-child::before,.mw-parser-output .hlist li dd:first-child::before,.mw-parser-output .hlist li dt:first-child::before,.mw-parser-output .hlist li li:first-child::before{content:" (";font-weight:normal}.mw-parser-output .hlist dd dd:last-child::after,.mw-parser-output .hlist dd dt:last-child::after,.mw-parser-output .hlist dd li:last-child::after,.mw-parser-output .hlist dt dd:last-child::after,.mw-parser-output .hlist dt dt:last-child::after,.mw-parser-output .hlist dt li:last-child::after,.mw-parser-output .hlist li dd:last-child::after,.mw-parser-output .hlist li dt:last-child::after,.mw-parser-output .hlist li li:last-child::after{content:")";font-weight:normal}.mw-parser-output .hlist ol{counter-reset:listitem}.mw-parser-output .hlist ol>li{counter-increment:listitem}.mw-parser-output .hlist ol>li::before{content:" "counter(listitem)"\a0 "}.mw-parser-output .hlist dd ol>li:first-child::before,.mw-parser-output .hlist dt ol>li:first-child::before,.mw-parser-output .hlist li ol>li:first-child::before{content:" ("counter(listitem)"\a0 "}</style><style data-mw-deduplicate="TemplateStyles:r1236075235">.mw-parser-output .navbox{box-sizing:border-box;border:1px solid #a2a9b1;width:100%;clear:both;font-size:88%;text-align:center;padding:1px;margin:1em auto 0}.mw-parser-output .navbox .navbox{margin-top:0}.mw-parser-output .navbox+.navbox,.mw-parser-output .navbox+.navbox-styles+.navbox{margin-top:-1px}.mw-parser-output .navbox-inner,.mw-parser-output .navbox-subgroup{width:100%}.mw-parser-output .navbox-group,.mw-parser-output .navbox-title,.mw-parser-output .navbox-abovebelow{padding:0.25em 1em;line-height:1.5em;text-align:center}.mw-parser-output .navbox-group{white-space:nowrap;text-align:right}.mw-parser-output .navbox,.mw-parser-output .navbox-subgroup{background-color:#fdfdfd}.mw-parser-output .navbox-list{line-height:1.5em;border-color:#fdfdfd}.mw-parser-output .navbox-list-with-group{text-align:left;border-left-width:2px;border-left-style:solid}.mw-parser-output tr+tr>.navbox-abovebelow,.mw-parser-output tr+tr>.navbox-group,.mw-parser-output tr+tr>.navbox-image,.mw-parser-output tr+tr>.navbox-list{border-top:2px solid #fdfdfd}.mw-parser-output .navbox-title{background-color:#ccf}.mw-parser-output .navbox-abovebelow,.mw-parser-output .navbox-group,.mw-parser-output .navbox-subgroup .navbox-title{background-color:#ddf}.mw-parser-output .navbox-subgroup .navbox-group,.mw-parser-output .navbox-subgroup .navbox-abovebelow{background-color:#e6e6ff}.mw-parser-output .navbox-even{background-color:#f7f7f7}.mw-parser-output .navbox-odd{background-color:transparent}.mw-parser-output .navbox .hlist td dl,.mw-parser-output .navbox .hlist td ol,.mw-parser-output .navbox .hlist td ul,.mw-parser-output .navbox td.hlist dl,.mw-parser-output .navbox td.hlist ol,.mw-parser-output .navbox td.hlist ul{padding:0.125em 0}.mw-parser-output .navbox .navbar{display:block;font-size:100%}.mw-parser-output .navbox-title .navbar{float:left;text-align:left;margin-right:0.5em}body.skin--responsive .mw-parser-output .navbox-image img{max-width:none!important}@media print{body.ns-0 .mw-parser-output .navbox{display:none!important}}</style><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1129693374"><style data-mw-deduplicate="TemplateStyles:r1239400231">.mw-parser-output .navbar{display:inline;font-size:88%;font-weight:normal}.mw-parser-output .navbar-collapse{float:left;text-align:left}.mw-parser-output .navbar-boxtext{word-spacing:0}.mw-parser-output .navbar ul{display:inline-block;white-space:nowrap;line-height:inherit}.mw-parser-output .navbar-brackets::before{margin-right:-0.125em;content:"[ "}.mw-parser-output .navbar-brackets::after{margin-left:-0.125em;content:" ]"}.mw-parser-output .navbar li{word-spacing:-0.125em}.mw-parser-output .navbar a>span,.mw-parser-output .navbar a>abbr{text-decoration:inherit}.mw-parser-output .navbar-mini abbr{font-variant:small-caps;border-bottom:none;text-decoration:none;cursor:inherit}.mw-parser-output .navbar-ct-full{font-size:114%;margin:0 7em}.mw-parser-output .navbar-ct-mini{font-size:114%;margin:0 4em}html.skin-theme-clientpref-night .mw-parser-output .navbar li a abbr{color:var(--color-base)!important}@media(prefers-color-scheme:dark){html.skin-theme-clientpref-os .mw-parser-output .navbar li a abbr{color:var(--color-base)!important}}@media print{.mw-parser-output .navbar{display:none!important}}</style></div><div role="navigation" class="navbox" aria-label="Navbox0" style="padding:3px"><table class="nowraplinks hlist navbox-inner" style="border-spacing:0;background:transparent;color:inherit"><tbody><tr><td colspan="2" class="navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"></div><table class="nowraplinks navbox-subgroup" style="border-spacing:0"><tbody><tr><td colspan="2" class="navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"></div><table class="nowraplinks hlist mw-collapsible mw-collapsed navbox-subgroup" style="border-spacing:0"><tbody><tr><th scope="col" class="navbox-title" colspan="2"><div class="navbar plainlinks hlist navbar-mini"><ul><li class="nv-view"><a href="/wiki/Template:Cryptography_hash" title="Template:Cryptography hash"><abbr title="View this template">v</abbr></a></li><li class="nv-talk"><a href="/wiki/Template_talk:Cryptography_hash" title="Template talk:Cryptography hash"><abbr title="Discuss this template">t</abbr></a></li><li class="nv-edit"><a href="/wiki/Special:EditPage/Template:Cryptography_hash" title="Special:EditPage/Template:Cryptography hash"><abbr title="Edit this template">e</abbr></a></li></ul></div><div id="Cryptographic_hash_functions_and_message_authentication_codes539" style="font-size:114%;margin:0 4em"><a href="/wiki/Cryptographic_hash_function" title="Cryptographic hash function">Cryptographic hash functions</a> and <a href="/wiki/Message_authentication_code" title="Message authentication code">message authentication codes</a></div></th></tr><tr><td class="navbox-abovebelow" colspan="2"><div> <ul><li><a href="/wiki/List_of_hash_functions" title="List of hash functions">List</a></li> <li><a href="/wiki/Comparison_of_cryptographic_hash_functions" title="Comparison of cryptographic hash functions">Comparison</a></li> <li><a href="/wiki/Hash_function_security_summary" title="Hash function security summary">Known attacks</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">Common functions</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/MD5" title="MD5">MD5</a> (compromised)</li> <li><a href="/wiki/SHA-1" title="SHA-1">SHA-1</a> (compromised)</li> <li><a href="/wiki/SHA-2" title="SHA-2">SHA-2</a></li> <li><a href="/wiki/SHA-3" title="SHA-3">SHA-3</a></li> <li><a href="/wiki/BLAKE_(hash_function)#BLAKE2" title="BLAKE (hash function)">BLAKE2</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%"><a href="/wiki/NIST_hash_function_competition" title="NIST hash function competition">SHA-3 finalists</a></th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/BLAKE_(hash_function)" title="BLAKE (hash function)">BLAKE</a></li> <li><a href="/wiki/Gr%C3%B8stl" title="Grøstl">Grøstl</a></li> <li><a href="/wiki/JH_(hash_function)" title="JH (hash function)">JH</a></li> <li><a href="/wiki/Skein_(hash_function)" title="Skein (hash function)">Skein</a></li> <li><a href="/wiki/SHA-3" title="SHA-3">Keccak</a> (winner)</li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">Other functions</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/BLAKE3" class="mw-redirect" title="BLAKE3">BLAKE3</a></li> <li><a href="/wiki/CubeHash" title="CubeHash">CubeHash</a></li> <li><a href="/wiki/Elliptic_curve_only_hash" title="Elliptic curve only hash">ECOH</a></li> <li><a href="/wiki/Fast_syndrome-based_hash" title="Fast syndrome-based hash">FSB</a></li> <li><a href="/wiki/Fugue_(hash_function)" title="Fugue (hash function)">Fugue</a></li> <li><a href="/wiki/GOST_(hash_function)" title="GOST (hash function)">GOST</a></li> <li><a href="/wiki/HAS-160" title="HAS-160">HAS-160</a></li> <li><a href="/wiki/HAVAL" title="HAVAL">HAVAL</a></li> <li><a href="/wiki/Kupyna" title="Kupyna">Kupyna</a></li> <li><a href="/wiki/LSH_(hash_function)" title="LSH (hash function)">LSH</a></li> <li><a href="/wiki/Lane_(hash_function)" title="Lane (hash function)">Lane</a></li> <li><a href="/wiki/MASH-1" title="MASH-1">MASH-1</a></li> <li><a href="/wiki/MASH-1#MASH2" title="MASH-1">MASH-2</a></li> <li><a href="/wiki/MD2_(hash_function)" title="MD2 (hash function)">MD2</a></li> <li><a href="/wiki/MD4" title="MD4">MD4</a></li> <li><a href="/wiki/MD6" title="MD6">MD6</a></li> <li><a href="/wiki/MDC-2" title="MDC-2">MDC-2</a></li> <li><a href="/wiki/N-hash" title="N-hash">N-hash</a></li> <li><a href="/wiki/RIPEMD" title="RIPEMD">RIPEMD</a></li> <li><a href="/wiki/RadioGat%C3%BAn" title="RadioGatún">RadioGatún</a></li> <li><a href="/wiki/SIMD_(hash_function)" title="SIMD (hash function)">SIMD</a></li> <li><a href="/wiki/SM3_(hash_function)" title="SM3 (hash function)">SM3</a></li> <li><a href="/wiki/SWIFFT" title="SWIFFT">SWIFFT</a></li> <li><a href="/wiki/Shabal" title="Shabal">Shabal</a></li> <li><a href="/wiki/Snefru" title="Snefru">Snefru</a></li> <li><a href="/wiki/Streebog" title="Streebog">Streebog</a></li> <li><a href="/wiki/Tiger_(hash_function)" title="Tiger (hash function)">Tiger</a></li> <li><a href="/wiki/Very_smooth_hash" title="Very smooth hash">VSH</a></li> <li><a href="/wiki/Whirlpool_(hash_function)" title="Whirlpool (hash function)">Whirlpool</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">Password hashing/<br /><a href="/wiki/Key_stretching" title="Key stretching">key stretching</a> functions</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Argon2" title="Argon2">Argon2</a></li> <li><a href="/wiki/Balloon_hashing" title="Balloon hashing">Balloon</a></li> <li><a href="/wiki/Bcrypt" title="Bcrypt">bcrypt</a></li> <li><a href="/wiki/Catena_(cryptography)" class="mw-redirect" title="Catena (cryptography)">Catena</a></li> <li><a href="/wiki/Crypt_(C)" title="Crypt (C)">crypt</a></li> <li><a href="/wiki/LAN_Manager#LM_hash_details" title="LAN Manager">LM hash</a></li> <li><a href="/wiki/Lyra2" title="Lyra2">Lyra2</a></li> <li><a href="/wiki/Makwa_(cryptography)" class="mw-redirect" title="Makwa (cryptography)">Makwa</a></li> <li><a href="/wiki/PBKDF2" title="PBKDF2">PBKDF2</a></li> <li><a href="/wiki/Scrypt" title="Scrypt">scrypt</a></li> <li><a href="/wiki/Yescrypt" title="Yescrypt">yescrypt</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">General purpose<br /><a href="/wiki/Key_derivation_function" title="Key derivation function">key derivation functions</a></th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/HKDF" title="HKDF">HKDF</a></li> <li>KDF1/KDF2</li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%"><a href="/wiki/Message_authentication_code" title="Message authentication code">MAC functions</a></th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/CBC-MAC" title="CBC-MAC">CBC-MAC</a></li> <li><a href="/wiki/Data_Authentication_Algorithm" title="Data Authentication Algorithm">DAA</a></li> <li><a href="/wiki/Galois_Message_Authentication_Code" class="mw-redirect" title="Galois Message Authentication Code">GMAC</a></li> <li><a href="/wiki/HMAC" title="HMAC">HMAC</a></li> <li><a href="/wiki/NMAC" class="mw-redirect" title="NMAC">NMAC</a></li> <li><a href="/wiki/One-key_MAC" title="One-key MAC">OMAC</a>/<a href="/wiki/One-key_MAC" title="One-key MAC">CMAC</a></li> <li><a href="/wiki/PMAC_(cryptography)" title="PMAC (cryptography)">PMAC</a></li> <li><a href="/wiki/Poly1305" title="Poly1305">Poly1305</a></li> <li><a href="/wiki/SipHash" title="SipHash">SipHash</a></li> <li><a href="/wiki/UMAC_(cryptography)" title="UMAC (cryptography)">UMAC</a></li> <li><a href="/wiki/VMAC" title="VMAC">VMAC</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%"><a href="/wiki/Authenticated_encryption" title="Authenticated encryption">Authenticated<br />encryption</a> modes</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/CCM_mode" title="CCM mode">CCM</a></li> <li><a href="/wiki/ChaCha20-Poly1305" title="ChaCha20-Poly1305">ChaCha20-Poly1305</a></li> <li><a href="/wiki/CWC_mode" title="CWC mode">CWC</a></li> <li><a href="/wiki/EAX_mode" title="EAX mode">EAX</a></li> <li><a href="/wiki/Galois/Counter_Mode" title="Galois/Counter Mode">GCM</a></li> <li><a href="/wiki/IAPM_(mode)" title="IAPM (mode)">IAPM</a></li> <li><a href="/wiki/OCB_mode" title="OCB mode">OCB</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">Attacks</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a class="mw-selflink selflink">Collision attack</a></li> <li><a href="/wiki/Preimage_attack" title="Preimage attack">Preimage attack</a></li> <li><a href="/wiki/Birthday_attack" title="Birthday attack">Birthday attack</a></li> <li><a href="/wiki/Brute-force_attack" title="Brute-force attack">Brute-force attack</a></li> <li><a href="/wiki/Rainbow_table" title="Rainbow table">Rainbow table</a></li> <li><a href="/wiki/Side-channel_attack" title="Side-channel attack">Side-channel attack</a></li> <li><a href="/wiki/Length_extension_attack" title="Length extension attack">Length extension attack</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">Design</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Avalanche_effect" title="Avalanche effect">Avalanche effect</a></li> <li><a href="/wiki/Hash_collision" title="Hash collision">Hash collision</a></li> <li><a href="/wiki/Merkle%E2%80%93Damg%C3%A5rd_construction" title="Merkle–Damgård construction">Merkle–Damgård construction</a></li> <li><a href="/wiki/Sponge_function" title="Sponge function">Sponge function</a></li> <li><a href="/wiki/HAIFA_construction" title="HAIFA construction">HAIFA construction</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">Standardization</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/CAESAR_Competition" title="CAESAR Competition">CAESAR Competition</a></li> <li><a href="/wiki/CRYPTREC" title="CRYPTREC">CRYPTREC</a></li> <li><a href="/wiki/NESSIE" title="NESSIE">NESSIE</a></li> <li><a href="/wiki/NIST_hash_function_competition" title="NIST hash function competition">NIST hash function competition</a></li> <li><a href="/wiki/Password_Hashing_Competition" title="Password Hashing Competition">Password Hashing Competition</a></li> <li><a href="/wiki/NSA_Suite_B_Cryptography" title="NSA Suite B Cryptography">NSA Suite B</a></li> <li><a href="/wiki/Commercial_National_Security_Algorithm_Suite" title="Commercial National Security Algorithm Suite">CNSA</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">Utilization</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Post-quantum_cryptography#Hash-based_cryptography" title="Post-quantum cryptography">Hash-based cryptography</a></li> <li><a href="/wiki/Merkle_tree" title="Merkle tree">Merkle tree</a></li> <li><a href="/wiki/Message_authentication" title="Message authentication">Message authentication</a></li> <li><a href="/wiki/Proof_of_work" title="Proof of work">Proof of work</a></li> <li><a href="/wiki/Salt_(cryptography)" title="Salt (cryptography)">Salt</a></li> <li><a href="/wiki/Pepper_(cryptography)" title="Pepper (cryptography)">Pepper</a></li></ul> </div></td></tr></tbody></table><div></div></td></tr></tbody></table><div></div></td></tr><tr><td colspan="2" class="navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"></div><table class="nowraplinks mw-collapsible mw-collapsed navbox-subgroup" style="border-spacing:0"><tbody><tr><th scope="col" class="navbox-title" colspan="2"><div class="navbar plainlinks hlist navbar-mini"><ul><li class="nv-view"><a href="/wiki/Template:Cryptography_navbox" title="Template:Cryptography navbox"><abbr title="View this template">v</abbr></a></li><li class="nv-talk"><a href="/wiki/Template_talk:Cryptography_navbox" title="Template talk:Cryptography navbox"><abbr title="Discuss this template">t</abbr></a></li><li class="nv-edit"><a href="/wiki/Special:EditPage/Template:Cryptography_navbox" title="Special:EditPage/Template:Cryptography navbox"><abbr title="Edit this template">e</abbr></a></li></ul></div><div id="Cryptography149" style="font-size:114%;margin:0 4em"><a href="/wiki/Cryptography" title="Cryptography">Cryptography</a></div></th></tr><tr><th scope="row" class="navbox-group" style="width:1%">General</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/History_of_cryptography" title="History of cryptography">History of cryptography</a></li> <li><a href="/wiki/Outline_of_cryptography" title="Outline of cryptography">Outline of cryptography</a></li> <li><a href="/wiki/Classical_cipher" title="Classical cipher">Classical cipher</a></li> <li><a href="/wiki/Cryptographic_protocol" title="Cryptographic protocol">Cryptographic protocol</a> <ul><li><a href="/wiki/Authentication_protocol" title="Authentication protocol">Authentication protocol</a></li></ul></li> <li><a href="/wiki/Cryptographic_primitive" title="Cryptographic primitive">Cryptographic primitive</a></li> <li><a href="/wiki/Cryptanalysis" title="Cryptanalysis">Cryptanalysis</a></li> <li><a href="/wiki/Cryptocurrency" title="Cryptocurrency">Cryptocurrency</a></li> <li><a href="/wiki/Cryptosystem" title="Cryptosystem">Cryptosystem</a></li> <li><a href="/wiki/Cryptographic_nonce" title="Cryptographic nonce">Cryptographic nonce</a></li> <li><a href="/wiki/Cryptovirology" title="Cryptovirology">Cryptovirology</a></li> <li><a href="/wiki/Hash_function" title="Hash function">Hash function</a> <ul><li><a href="/wiki/Cryptographic_hash_function" title="Cryptographic hash function">Cryptographic hash function</a></li> <li><a href="/wiki/Key_derivation_function" title="Key derivation function">Key derivation function</a></li> <li><a href="/wiki/Secure_Hash_Algorithms" title="Secure Hash Algorithms">Secure Hash Algorithms</a></li></ul></li> <li><a href="/wiki/Digital_signature" title="Digital signature">Digital signature</a></li> <li><a href="/wiki/Kleptography" title="Kleptography">Kleptography</a></li> <li><a href="/wiki/Key_(cryptography)" title="Key (cryptography)">Key (cryptography)</a></li> <li><a href="/wiki/Key_exchange" title="Key exchange">Key exchange</a></li> <li><a href="/wiki/Key_generator" title="Key generator">Key generator</a></li> <li><a href="/wiki/Key_schedule" title="Key schedule">Key schedule</a></li> <li><a href="/wiki/Key_stretching" title="Key stretching">Key stretching</a></li> <li><a href="/wiki/Keygen" title="Keygen">Keygen</a></li> <li><a href="/wiki/Template:Cryptography_machines" title="Template:Cryptography machines">Machines</a></li> <li><a href="/wiki/Cryptojacking_malware" class="mw-redirect" title="Cryptojacking malware">Cryptojacking malware</a></li> <li><a href="/wiki/Ransomware" title="Ransomware">Ransomware</a></li> <li><a href="/wiki/Random_number_generation" title="Random number generation">Random number generation</a> <ul><li><a href="/wiki/Cryptographically_secure_pseudorandom_number_generator" title="Cryptographically secure pseudorandom number generator">Cryptographically secure pseudorandom number generator</a> (CSPRNG)</li></ul></li> <li><a href="/wiki/Pseudorandom_noise" title="Pseudorandom noise">Pseudorandom noise</a> (PRN)</li> <li><a href="/wiki/Secure_channel" title="Secure channel">Secure channel</a></li> <li><a href="/wiki/Insecure_channel" class="mw-redirect" title="Insecure channel">Insecure channel</a></li> <li><a href="/wiki/Subliminal_channel" title="Subliminal channel">Subliminal channel</a></li> <li><a href="/wiki/Encryption" title="Encryption">Encryption</a></li> <li><a href="/wiki/Decryption" class="mw-redirect" title="Decryption">Decryption</a></li> <li><a href="/wiki/End-to-end_encryption" title="End-to-end encryption">End-to-end encryption</a></li> <li><a href="/wiki/Harvest_now,_decrypt_later" title="Harvest now, decrypt later">Harvest now, decrypt later</a></li> <li><a href="/wiki/Information-theoretic_security" title="Information-theoretic security">Information-theoretic security</a></li> <li><a href="/wiki/Plaintext" title="Plaintext">Plaintext</a></li> <li><a href="/wiki/Codetext" class="mw-redirect" title="Codetext">Codetext</a></li> <li><a href="/wiki/Ciphertext" title="Ciphertext">Ciphertext</a></li> <li><a href="/wiki/Shared_secret" title="Shared secret">Shared secret</a></li> <li><a href="/wiki/Trapdoor_function" title="Trapdoor function">Trapdoor function</a></li> <li><a href="/wiki/Trusted_timestamping" title="Trusted timestamping">Trusted timestamping</a></li> <li><a href="/wiki/Key-based_routing" title="Key-based routing">Key-based routing</a></li> <li><a href="/wiki/Onion_routing" title="Onion routing">Onion routing</a></li> <li><a href="/wiki/Garlic_routing" title="Garlic routing">Garlic routing</a></li> <li><a href="/wiki/Kademlia" title="Kademlia">Kademlia</a></li> <li><a href="/wiki/Mix_network" title="Mix network">Mix network</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">Mathematics</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Cryptographic_hash_function" title="Cryptographic hash function">Cryptographic hash function</a></li> <li><a href="/wiki/Block_cipher" title="Block cipher">Block cipher</a></li> <li><a href="/wiki/Stream_cipher" title="Stream cipher">Stream cipher</a></li> <li><a href="/wiki/Symmetric-key_algorithm" title="Symmetric-key algorithm">Symmetric-key algorithm</a></li> <li><a href="/wiki/Authenticated_encryption" title="Authenticated encryption">Authenticated encryption</a></li> <li><a href="/wiki/Public-key_cryptography" title="Public-key cryptography">Public-key cryptography</a></li> <li><a href="/wiki/Quantum_key_distribution" title="Quantum key distribution">Quantum key distribution</a></li> <li><a href="/wiki/Quantum_cryptography" title="Quantum cryptography">Quantum cryptography</a></li> <li><a href="/wiki/Post-quantum_cryptography" title="Post-quantum cryptography">Post-quantum cryptography</a></li> <li><a href="/wiki/Message_authentication_code" title="Message authentication code">Message authentication code</a></li> <li><a href="/wiki/Cryptographically_secure_pseudorandom_number_generator" title="Cryptographically secure pseudorandom number generator">Random numbers</a></li> <li><a href="/wiki/Steganography" title="Steganography">Steganography</a></li></ul> </div></td></tr><tr><td class="navbox-abovebelow" colspan="2"><div> <ul><li><span class="noviewer" typeof="mw:File"><span title="Category"><img alt="" src="//upload.wikimedia.org/wikipedia/en/thumb/9/96/Symbol_category_class.svg/16px-Symbol_category_class.svg.png" decoding="async" width="16" height="16" class="mw-file-element" srcset="//upload.wikimedia.org/wikipedia/en/thumb/9/96/Symbol_category_class.svg/23px-Symbol_category_class.svg.png 1.5x, //upload.wikimedia.org/wikipedia/en/thumb/9/96/Symbol_category_class.svg/31px-Symbol_category_class.svg.png 2x" data-file-width="180" data-file-height="185" /></span></span> <a href="/wiki/Category:Cryptography" title="Category:Cryptography">Category</a></li></ul> </div></td></tr></tbody></table><div></div></td></tr></tbody></table></div> <!-- NewPP limit report Parsed by mw‐web.codfw.main‐84749c7844‐4t7pd Cached time: 20250210050135 Cache expiry: 2592000 Reduced expiry: false Complications: [vary‐revision‐sha1, show‐toc] CPU time usage: 0.577 seconds Real time usage: 0.679 seconds Preprocessor visited node count: 1503/1000000 Post‐expand include size: 113983/2097152 bytes Template argument size: 1016/2097152 bytes Highest expansion depth: 12/100 Expensive parser function count: 3/500 Unstrip recursion depth: 1/20 Unstrip post‐expand size: 70961/5000000 bytes Lua time usage: 0.375/10.000 seconds Lua memory usage: 6065919/52428800 bytes Number of Wikibase entities loaded: 0/400 --> <!-- Transclusion expansion time report (%,ms,calls,template) 100.00% 589.325 1 -total 46.70% 275.235 4 Template:Navbox 45.15% 266.052 1 Template:Reflist 23.42% 137.991 1 Template:Cryptography_navbox 18.37% 108.246 2 Template:Cite_journal 14.01% 82.561 1 Template:Short_description 11.62% 68.453 1 Template:Context 10.90% 64.215 9 Template:Cite_web 10.89% 64.206 1 Template:Cryptography_hash 10.61% 62.550 1 Template:Ambox --> <!-- Saved in parser cache with key enwiki:pcache:969624:|#|:idhash:canonical and timestamp 20250210050135 and revision id 1224354243. Rendering was triggered because: page-view --> </div><!--esi <esi:include src="/esitest-fa8a495983347898/content" /> --><noscript><img src="https://login.wikimedia.org/wiki/Special:CentralAutoLogin/start?useformat=desktop&amp;type=1x1&amp;usesul3=0" alt="" width="1" height="1" style="border: none; position: absolute;"></noscript> <div class="printfooter" data-nosnippet="">Retrieved from "<a dir="ltr" href="https://en.wikipedia.org/w/index.php?title=Collision_attack&amp;oldid=1224354243">https://en.wikipedia.org/w/index.php?title=Collision_attack&amp;oldid=1224354243</a>"</div></div> <div id="catlinks" class="catlinks" data-mw="interface"><div id="mw-normal-catlinks" class="mw-normal-catlinks"><a href="/wiki/Help:Category" title="Help:Category">Categories</a>: <ul><li><a href="/wiki/Category:Cryptographic_attacks" title="Category:Cryptographic attacks">Cryptographic attacks</a></li><li><a href="/wiki/Category:Cryptographic_hash_functions" title="Category:Cryptographic hash functions">Cryptographic hash functions</a></li></ul></div><div id="mw-hidden-catlinks" class="mw-hidden-catlinks mw-hidden-cats-hidden">Hidden categories: <ul><li><a href="/wiki/Category:CS1_errors:_missing_periodical" title="Category:CS1 errors: missing periodical">CS1 errors: missing periodical</a></li><li><a href="/wiki/Category:Webarchive_template_wayback_links" title="Category:Webarchive template wayback links">Webarchive template wayback links</a></li><li><a href="/wiki/Category:Articles_with_short_description" title="Category:Articles with short description">Articles with short description</a></li><li><a href="/wiki/Category:Short_description_matches_Wikidata" title="Category:Short description matches Wikidata">Short description matches Wikidata</a></li><li><a href="/wiki/Category:Wikipedia_articles_needing_context_from_February_2020" title="Category:Wikipedia articles needing context from February 2020">Wikipedia articles needing context from February 2020</a></li><li><a href="/wiki/Category:All_Wikipedia_articles_needing_context" title="Category:All Wikipedia articles needing context">All Wikipedia articles needing context</a></li><li><a href="/wiki/Category:All_pages_needing_cleanup" title="Category:All pages needing cleanup">All pages needing cleanup</a></li><li><a href="/wiki/Category:All_articles_with_unsourced_statements" title="Category:All articles with unsourced statements">All articles with unsourced statements</a></li><li><a href="/wiki/Category:Articles_with_unsourced_statements_from_September_2023" title="Category:Articles with unsourced statements from September 2023">Articles with unsourced statements from September 2023</a></li></ul></div></div> </div> </main> </div> <div class="mw-footer-container"> <footer id="footer" class="mw-footer" > <ul id="footer-info"> <li id="footer-info-lastmod"> This page was last edited on 17 May 2024, at 21:48<span class="anonymous-show">&#160;(UTC)</span>.</li> <li id="footer-info-copyright">Text is available under the <a href="/wiki/Wikipedia:Text_of_the_Creative_Commons_Attribution-ShareAlike_4.0_International_License" title="Wikipedia:Text of the Creative Commons Attribution-ShareAlike 4.0 International License">Creative Commons Attribution-ShareAlike 4.0 License</a>; additional terms may apply. By using this site, you agree to the <a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Terms_of_Use" class="extiw" title="foundation:Special:MyLanguage/Policy:Terms of Use">Terms of Use</a> and <a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Privacy_policy" class="extiw" title="foundation:Special:MyLanguage/Policy:Privacy policy">Privacy Policy</a>. Wikipedia® is a registered trademark of the <a rel="nofollow" class="external text" href="https://wikimediafoundation.org/">Wikimedia Foundation, Inc.</a>, a non-profit organization.</li> </ul> <ul id="footer-places"> <li id="footer-places-privacy"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Privacy_policy">Privacy policy</a></li> <li id="footer-places-about"><a href="/wiki/Wikipedia:About">About Wikipedia</a></li> <li id="footer-places-disclaimers"><a href="/wiki/Wikipedia:General_disclaimer">Disclaimers</a></li> <li id="footer-places-contact"><a href="//en.wikipedia.org/wiki/Wikipedia:Contact_us">Contact Wikipedia</a></li> <li id="footer-places-wm-codeofconduct"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Universal_Code_of_Conduct">Code of Conduct</a></li> <li id="footer-places-developers"><a href="https://developer.wikimedia.org">Developers</a></li> <li id="footer-places-statslink"><a href="https://stats.wikimedia.org/#/en.wikipedia.org">Statistics</a></li> <li id="footer-places-cookiestatement"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Cookie_statement">Cookie statement</a></li> <li id="footer-places-mobileview"><a href="//en.m.wikipedia.org/w/index.php?title=Collision_attack&amp;mobileaction=toggle_view_mobile" class="noprint stopMobileRedirectToggle">Mobile view</a></li> </ul> <ul id="footer-icons" class="noprint"> <li id="footer-copyrightico"><a href="https://wikimediafoundation.org/" class="cdx-button cdx-button--fake-button cdx-button--size-large cdx-button--fake-button--enabled"><img src="/static/images/footer/wikimedia-button.svg" width="84" height="29" alt="Wikimedia Foundation" lang="en" loading="lazy"></a></li> <li id="footer-poweredbyico"><a href="https://www.mediawiki.org/" class="cdx-button cdx-button--fake-button cdx-button--size-large cdx-button--fake-button--enabled"><img src="/w/resources/assets/poweredby_mediawiki.svg" alt="Powered by MediaWiki" width="88" height="31" loading="lazy"></a></li> </ul> </footer> </div> </div> </div> <div class="vector-header-container vector-sticky-header-container"> <div id="vector-sticky-header" class="vector-sticky-header"> <div class="vector-sticky-header-start"> <div class="vector-sticky-header-icon-start vector-button-flush-left vector-button-flush-right" aria-hidden="true"> <button class="cdx-button cdx-button--weight-quiet cdx-button--icon-only vector-sticky-header-search-toggle" tabindex="-1" data-event-name="ui.vector-sticky-search-form.icon"><span class="vector-icon mw-ui-icon-search mw-ui-icon-wikimedia-search"></span> <span>Search</span> </button> </div> <div role="search" class="vector-search-box-vue vector-search-box-show-thumbnail vector-search-box"> <div class="vector-typeahead-search-container"> <div class="cdx-typeahead-search cdx-typeahead-search--show-thumbnail"> <form action="/w/index.php" id="vector-sticky-search-form" class="cdx-search-input cdx-search-input--has-end-button"> <div class="cdx-search-input__input-wrapper" data-search-loc="header-moved"> <div class="cdx-text-input cdx-text-input--has-start-icon"> <input class="cdx-text-input__input" type="search" name="search" placeholder="Search Wikipedia"> <span class="cdx-text-input__icon cdx-text-input__start-icon"></span> </div> <input type="hidden" name="title" value="Special:Search"> </div> <button class="cdx-button cdx-search-input__end-button">Search</button> </form> </div> </div> </div> <div class="vector-sticky-header-context-bar"> <nav aria-label="Contents" class="vector-toc-landmark"> <div id="vector-sticky-header-toc" class="vector-dropdown mw-portlet mw-portlet-sticky-header-toc vector-sticky-header-toc vector-button-flush-left" > <input type="checkbox" id="vector-sticky-header-toc-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-sticky-header-toc" class="vector-dropdown-checkbox " aria-label="Toggle the table of contents" > <label id="vector-sticky-header-toc-label" for="vector-sticky-header-toc-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-listBullet mw-ui-icon-wikimedia-listBullet"></span> <span class="vector-dropdown-label-text">Toggle the table of contents</span> </label> <div class="vector-dropdown-content"> <div id="vector-sticky-header-toc-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <div class="vector-sticky-header-context-bar-primary" aria-hidden="true" ><span class="mw-page-title-main">Collision attack</span></div> </div> </div> <div class="vector-sticky-header-end" aria-hidden="true"> <div class="vector-sticky-header-icons"> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-talk-sticky-header" tabindex="-1" data-event-name="talk-sticky-header"><span class="vector-icon mw-ui-icon-speechBubbles mw-ui-icon-wikimedia-speechBubbles"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-subject-sticky-header" tabindex="-1" data-event-name="subject-sticky-header"><span class="vector-icon mw-ui-icon-article mw-ui-icon-wikimedia-article"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-history-sticky-header" tabindex="-1" data-event-name="history-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-history mw-ui-icon-wikimedia-wikimedia-history"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only mw-watchlink" id="ca-watchstar-sticky-header" tabindex="-1" data-event-name="watch-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-star mw-ui-icon-wikimedia-wikimedia-star"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-edit-sticky-header" tabindex="-1" data-event-name="wikitext-edit-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-wikiText mw-ui-icon-wikimedia-wikimedia-wikiText"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-ve-edit-sticky-header" tabindex="-1" data-event-name="ve-edit-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-edit mw-ui-icon-wikimedia-wikimedia-edit"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-viewsource-sticky-header" tabindex="-1" data-event-name="ve-edit-protected-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-editLock mw-ui-icon-wikimedia-wikimedia-editLock"></span> <span></span> </a> </div> <div class="vector-sticky-header-buttons"> <button class="cdx-button cdx-button--weight-quiet mw-interlanguage-selector" id="p-lang-btn-sticky-header" tabindex="-1" data-event-name="ui.dropdown-p-lang-btn-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-language mw-ui-icon-wikimedia-wikimedia-language"></span> <span>11 languages</span> </button> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--action-progressive" id="ca-addsection-sticky-header" tabindex="-1" data-event-name="addsection-sticky-header"><span class="vector-icon mw-ui-icon-speechBubbleAdd-progressive mw-ui-icon-wikimedia-speechBubbleAdd-progressive"></span> <span>Add topic</span> </a> </div> <div class="vector-sticky-header-icon-end"> <div class="vector-user-links"> </div> </div> </div> </div> </div> <div class="vector-settings" id="p-dock-bottom"> <ul></ul> </div><script>(RLQ=window.RLQ||[]).push(function(){mw.config.set({"wgHostname":"mw-web.codfw.main-ff47b69b6-xrnhp","wgBackendResponseTime":129,"wgPageParseReport":{"limitreport":{"cputime":"0.577","walltime":"0.679","ppvisitednodes":{"value":1503,"limit":1000000},"postexpandincludesize":{"value":113983,"limit":2097152},"templateargumentsize":{"value":1016,"limit":2097152},"expansiondepth":{"value":12,"limit":100},"expensivefunctioncount":{"value":3,"limit":500},"unstrip-depth":{"value":1,"limit":20},"unstrip-size":{"value":70961,"limit":5000000},"entityaccesscount":{"value":0,"limit":400},"timingprofile":["100.00% 589.325 1 -total"," 46.70% 275.235 4 Template:Navbox"," 45.15% 266.052 1 Template:Reflist"," 23.42% 137.991 1 Template:Cryptography_navbox"," 18.37% 108.246 2 Template:Cite_journal"," 14.01% 82.561 1 Template:Short_description"," 11.62% 68.453 1 Template:Context"," 10.90% 64.215 9 Template:Cite_web"," 10.89% 64.206 1 Template:Cryptography_hash"," 10.61% 62.550 1 Template:Ambox"]},"scribunto":{"limitreport-timeusage":{"value":"0.375","limit":"10.000"},"limitreport-memusage":{"value":6065919,"limit":52428800}},"cachereport":{"origin":"mw-web.codfw.main-84749c7844-4t7pd","timestamp":"20250210050135","ttl":2592000,"transientcontent":false}}});});</script> <script type="application/ld+json">{"@context":"https:\/\/schema.org","@type":"Article","name":"Collision attack","url":"https:\/\/en.wikipedia.org\/wiki\/Collision_attack","sameAs":"http:\/\/www.wikidata.org\/entity\/Q389463","mainEntity":"http:\/\/www.wikidata.org\/entity\/Q389463","author":{"@type":"Organization","name":"Contributors to Wikimedia projects"},"publisher":{"@type":"Organization","name":"Wikimedia Foundation, Inc.","logo":{"@type":"ImageObject","url":"https:\/\/www.wikimedia.org\/static\/images\/wmf-hor-googpub.png"}},"datePublished":"2004-09-08T19:39:15Z","dateModified":"2024-05-17T21:48:44Z","headline":"cryptographic attack"}</script> </body> </html>