Home Lab Setup SEED Labs Books Lectures Workshops
SEED Logo

MD5 Collision Attack Lab

Overview

Collision-resistance is an essential property for one-way hash functions, but several widely-used one-way hash functions have trouble maintaining this property. In 2004, Xiaoyun Wang and co-authors demonstrated a collision attack against MD5. In 2017, CWI Amsterdam and Google Research announced the SHAttered attack, which breaks the collision-resistant property of SHA-1. While many students do not have trouble understanding the importance of the one-way property, they cannot easily grasp why the collision-resistance property is necessary, and what the impact of these attacks can cause.

The learning objective of this lab is for students to really understand the impact of collision attacks, and see in first hand what damages can be caused if a widely-used one-way hash function's collision-resistance property is broken. To achieve this goal, students need to launch actual collision attacks against the MD5 hash function. Using the attacks, students should be able to create two different programs that share the same MD5 hash but have completely different behaviors.

Tasks (PDF)

Time (Suggested)

  • Supervised (closely-guided lab session): 2 hours
  • Unsupervised (take-home project): 1 week

SEED Books (English) (Chinese)

  • Computer & Internet Security: A Hands-on Approach, 2nd edition (§ 22)
  • Computer Security: A Hands-on Approach, 2nd edition (§ 16)
  • Internet Security: A Hands-on Approach, 2nd edition (§ 9)

Feedback and Help

Please give us your feedback on this lab using this feedback form.
The SEED Labs project is open source. If you are interested in contributing to this project, please check out our Github page: https://github.com/seed-labs/seed-labs.