Page 434 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 434
announced the release of the Keccak algorithm as the SHA-3 standard.
The SHA-3 suite was developed to serve as drop-in replacement for
the SHA-2 hash functions, offering the same variants and hash lengths
using a more secure algorithm.
MD2
The Message Digest 2 (MD2) hash algorithm was developed by Ronald
Rivest (the same Rivest of Rivest, Shamir, and Adleman fame) in 1989
to provide a secure hash function for 8-bit processors. MD2 pads the
message so that its length is a multiple of 16 bytes. It then computes a
16-byte checksum and appends it to the end of the message. A 128-bit
message digest is then generated by using the entire original message
along with the appended checksum.
Cryptanalytic attacks exist against the MD2 algorithm. Specifically,
Nathalie Rogier and Pascal Chauvaud discovered that if the checksum
is not appended to the message before digest computation, collisions
may occur. Frederic Mueller later proved that MD2 is not a one-way
function. Therefore, it should no longer be used.
MD4
In 1990, Rivest enhanced his message digest algorithm to support 32-
bit processors and increase the level of security. This enhanced
algorithm is known as MD4. It first pads the message to ensure that
the message length is 64 bits smaller than a multiple of 512 bits. For
example, a 16-bit message would be padded with 432 additional bits of
data to make it 448 bits, which is 64 bits smaller than a 512-bit
message.
The MD4 algorithm then processes 512-bit blocks of the message in
three rounds of computation. The final output is a 128-bit message
digest.
The MD2, MD4, and MD5 algorithms are no longer accepted
as suitable hashing functions. However, the details of the
algorithms may still appear on the CISSP exam because they may
