Attack on the hash value of the digital signature (Menu Analysis \ Hash )

The visualized attack is designed to attack the hash value of the digital signature -- independently of the hash function used.

This is implemented with the dialog attack on the hash value of the digital signature, where you can choose the parameters of the attack, and a further dialog is describing the status of the attack.

CrypTool allows you to vary the length of the identical bits of the hash value. Additionally you can directly see, how the two modified documents with different content but identical hash value (for the chosen significant digits) look like.


Reference:

Practical experiments with the implementation in CrypTool were done to generate partly collisions (this means that the significant bit length was varied and permanently increased, but still stayed below the complete hash value length): On a single PC we could find collisions for the first 72 bits of MD5 hash values within days. The paper of Mr. Blumenstein explains, that today digital signatures using hash functions with 128 bits are practically attackable with massively parallel methods!

This justifies the early and careful recommendations of the GISA (German Information Security Agency) to demand for hash functions like RIPEMD or SHA-1 a sufficiently big buffer on top of the topical research results.

This implementation performs a collision search using brute-force methods (generic attack). Modern break-throughs since 2004 found additional methods using structural weaknesses within the hash algorithms. See the CrypTool script for further details.