cr-marcstevens / hashclash Goto Github PK
View Code? Open in Web Editor NEWProject HashClash - MD5 & SHA-1 cryptanalysis
License: Other
hashclash's People
Contributors
Stargazers
Watchers
Forkers
ax72864 openprunus mmezher epsilonsolutions siweisun rpgincoming 0xrnair angea crypt-cns jbisterfeldt fcccode floydpink majka22 codechina888 jsegitz marcin-jedynski killua4564 dm168168 jeffli678 arryboom enricobacis maijin donaldevine ashleeoasis gc888 hustcw bmurray7 5l1v3r1 mycabbages dragonlaaa enricozanardo timminn blowfish64 hoaiocom yaba yuuichihosomi qinghai5060 kafow saurav3199 kfdcompiled gouba-1 atherzzz gylearner finsenty54 avgirl crackercat usr-ein renesugar nr-professional chauhuy0123 kexinoh boyboy007000 killvxk catwithapple0708 heartever abgeana gmh5225 timb-machine-mirrors solhack yuyuko233 icukeup clayne nalija ygb8745 subgb phyvemin nyx2022 tiger1218 noorahsmith knightdax thonnn deovanvo davidlee528 phantomzheng tyuyang comradespark ysxninja he7086 aaabbbcccdddeeef chenlang0311 zl206142 istalacar jackczwhashclash's Issues
Different Boost versions between static release and configuration
The default configuration uses Boost 1.57.0, while the static release uses 1.65.1.
Running a binary of the static release gives this error message:
./md5_fastcoll: error while loading shared libraries: libboost_filesystem.so.1.65.1: cannot open shared object file: No such file or directory
missing M4 files
I tried to compile and I had some errors like:
configure.ac:63: warning: AX_GCC_X86_AVX_XGETBV is m4_require'd but not m4_defun'd
m4/ax_simdext.m4:49: AX_EXT is expanded from...
I added ax_gcc_x86_cpuid.m4 and ax_gcc_x86_avx_xgetbv.m4 in /m4/ to fix the problem.
(I can't create a PR at the moment)
call to 'hw' is ambiguous
While assisting @angea workshop and compiling on mac I had to comment those 2 calls:
src/sha1helper/filter.cpp:203:7: error: call to 'hw' is ambiguous
if (hw(++cnt) == 1)
^~
./lib/hashclash/sdr.hpp:41:18: note: candidate function
inline unsigned hw(int n) { return hw(uint32(n)); }
^
./lib/hashclash/sdr.hpp:42:18: note: candidate function
inline unsigned hw(uint64 n) {
^
./lib/hashclash/sdr.hpp:207:18: note: candidate function
inline unsigned hw(uint32 n)
^
./lib/hashclash/sdr.hpp:228:18: note: candidate function
inline unsigned hw(const sdr& n)
^
src/sha1helper/filter.cpp:208:8: error: call to 'hw' is ambiguous
if (hw(++cnt2) == 1)
^~
./lib/hashclash/sdr.hpp:41:18: note: candidate function
inline unsigned hw(int n) { return hw(uint32(n)); }
^
./lib/hashclash/sdr.hpp:42:18: note: candidate function
inline unsigned hw(uint64 n) {
^
./lib/hashclash/sdr.hpp:207:18: note: candidate function
inline unsigned hw(uint32 n)
^
./lib/hashclash/sdr.hpp:228:18: note: candidate function
inline unsigned hw(const sdr& n)
^
Add a progress indicator on screen
Currently we can not see how far the calculation has gotten and how much is left until it is very likely to hit a "clash"
Static macOS build releases
thank you for the tool, is there any chance that there will be a MacOS static compile release of this? boost is currently breaking the build for me and I guess it takes a while to figure it out... and it seems that the build.sh works for you on MacOS
Chosen Prefix Collision requirement for matching prefix size
Hi! Thank you for this amazing tool.
I've succesfully calculated hundreds of identical prefix collisions (trying to get the md5 hash on the pdf itself).
I've been looking into the CPC and was wondering why the prefix size needs to match.
With my limited understanding of the hash collisions I would expect the prefix size not the matter as long as you pad both prefixes to a hash block boundary. Could you explain where the same size requirement comes from? Or point me in the right direction?
Thank you!
Question about chosen-prefix collision with strings.
Hi! Thank you for this project, really nice.
But i have a question if is possible to find md5 collisions using two string prefixes in a way that the collisions only have "normal characters" added, because using the script i was able to find a collision, but it had some LF and CR, and some 0 bytes in it.
cpc.sh: let: k=: syntax error: operand expected (error token is "=")
I have this shell error during cpc.sh run:
IHV1 = {1215776608,3027357254,3082882766,2558746435}
IHV2 = {1215776608,1785367902,3602992650,3078856319}
dIHV = {0,3052977944,520109884,520109884}
Dv = [!-2,6,-8,14,-24,29!]
Dw = [!-2,-5,15,-19,-24,-27,29,31!]
Blocks = 7
Msg1 = 67668767 0 36963072 36988025 3405438513 1373522928 1120441926 3501858414 187668621 2896542893 205808995 2544529963 431569900 0 2152653763 2184428680
Msg2 = 63347730 1464670714 3426110770 2460932572 1773031144 3361261166 1956379989 3196392674 327350835 3799722998 1392645548 4167497084 3254959121 0 1901183133 1132634811
Thread 7 exited.
Thread Thread 14 exited.
Thread Thread 13 exited.
Thread Thread 32 exited.
Thread Thread 2321Thread exited. Thread Thread
16Thread Thread 22Thread Thread 17Thread 5Thread exited. Thread 20Thread exited. Thread exited. Thread Thread Thread 25Thread 28Thread exited.
3019Thread 26Thread 9318 exited. 24 exited. exited. Thread
exited. exited.
Thread 314 exited. exited.
exited.
exited.
27 exited.
Thread 29 exited.
15 exited.
6 exited.
2 exited.
exited.
12 exited.
1 exited.
exited.
exited.
11 exited.
exited.
Thread 8 exited.
10 exited.
Work: 2^(40.4489), Coll.: 60635(uf=30252,nuf=30380,?=0,q=0,rh=3), Blocks: 7
Waiting for threads to finish...done.
Runtime: 680.605
[*] Birthday search completed.
./scripts/cpc.sh: ligne 168: let: k= : erreur de syntaxe : opérande attendu (le symbole erroné est « = »)
[*] Number of backtracks until now: 0
[*] Time before backtrack: 1800 s
[*] Starting step 0
It's in french, it's should translate to "let: k=: syntax error: operand expected (error token is "=")"
This happen because $3 is empty.
Rogue CA generation details questions
Hello Marc!
Please, could you be so kind to explain what do I need to replay rogue CA certificate generation.
IIf it is possible, answer me as shortly as possible (if it is complicated for explanation in full details)
What data I need for 1st block (as I understand, it has almost unchangeable data from x509 ASN structure, version, CN, etc) with size of 64 bytes
What data I need for 2st block (as I understand, it has similar blocks from RSA public key, unchangeable in both certificates) with size of 64 bytes
What software can be used for generating larger RSA keys and how, taking into account existing collisions?
Anyway, thank you in advance for paying your attention for my question.
occasional crashes
Hi,
First of all, I want to thank you for this program. I recently finished a paper for school that required the creation of over two dozen collisions.
On a few (maybe three) of those, the program simply died at some point. It appears that the program did not create workdirn/paths10_0of1.bin.gz and workdirn/paths11_0of1.bin.gz
This led to the following message in workdirn/connect.log:
Connect MD5 differential paths
Copyright (C) 2009 Marc Stevens
http://homepages.cwi.nl/~stevens/
delta_m[11] = [!31!]
Loading workdir2/paths16_0of1.bin.gz...done: 500000.
Loading workdir2/paths11_0of1.bin.gz...failed.
Best path: totcompl=-1000 tottunnel=0, totcond=1048576
Verified: 0 bad out of 0
Runtime: 14.4187
Caught exception!!:
No lower differential paths loaded!
I have no idea why this happened, but I have saved the entire output directory (about 350 MB compressed) of one of the failures, including the failed workdirs (which I renamed), in case you need any information from them.
Thanks again.
Detectcoll doesn't detect UniColl with n=2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.