The question I have long wanted to answer is - What will be the time complexity of finding MD5sum of a compiled binary file that contains the same MD5 statically embedded in it, say, as a string?
Edit: if it was not clear yet. I am looking for an answer with time complexity and explanation .
Just like brute force: calculating md5sum is trivial, but making a file according to the famous md5sum is difficult.
At best, you are looking for a prototype that will give you a known hash (perhaps by adding data to the binary).
.
, MD5, .
, MD5 . bruteforcing - , , .
, , , , 3 : , . , md5 .
():
foo098f6bcd4621d373cade4e832627b4f6bar foo | 098f6bcd4621d373cade4e832627b4f6 | bar md5(foo+bar) = 3858f62230ac3c915f300c664312c63f foo3858f62230ac3c915f300c664312c63fbar
, , . , MD5 , . , , . , " ".
, () - .
" " , .
. , md5 - , : 0. ( , , , ), md5, md5.
(, , ), .
To accomplish this, you must find collision . This can be done using a prefix attack against md5 . Keep in mind that this is only possible because md5 is very broken. This attack has a temporary difficulty of 2 ^ 24.1 , which is within the reach of a modern desktop.