As we discussed in class, MD5 was once considered a secure collision resistant hash function. However, in 2004, a group of researchers, Xiaoyun Wang, Dengguo Feng, Xuejia Lai, and Hongbo Yu, discovered a catastrophic flaw in the construction and published several collisions. One pair they published was: d131dd02c5e6eec4693d9a0698aff95c 2f cab58712467eab4004583eb8fb7f89 55ad340609f4b30283e488832571415a 085125e8f7cdc99fd91dbdf280373c5b 08823e3156348f5bae6dacd436c919c6dd53e2b487da03fd023963060248cdao e99f33420f577ee8ce54b67080a80dle c69821bcb6a8839396f9652b6ff72a70 d131dd02c5e6eec4693d9a0698aff95c 2fcab50712467eab4004583eb8fb7f89 55ad340609f4b30283e4888325f1415a 085125e8f7cdc99fd91dbd7280373c5b d8823e3156348f5bae6dacd436c919c6 dd53e23487da03fd023963060248cdao e99f33420f577ee8ce54b67080280d1e c69821bcb6a8839396f965ab6ff72a70 1. Using the xxd program and openssl dgst -md5, what was the collision value? 2. Suppose one uses PKCS1.5 signature padding, as discussed in class, with the MD5 hash. Explain how an attacker can break the system. 3. Extra credit: Using the fastcoll program from , find a new pair of collisions for MD5. Name the two files c1.bin and c2.bin and submit them. As we discussed in class, MD5 was once considered a secure collision resistant hash function. However, in 2004, a group of researchers, Xiaoyun Wang, Dengguo Feng, Xuejia Lai, and Hongbo Yu, discovered a catastrophic flaw in the construction and published several collisions. One pair they published was: d131dd02c5e6eec4693d9a0698aff95c 2f cab58712467eab4004583eb8fb7f89 55ad340609f4b30283e488832571415a 085125e8f7cdc99fd91dbdf280373c5b 08823e3156348f5bae6dacd436c919c6dd53e2b487da03fd023963060248cdao e99f33420f577ee8ce54b67080a80dle c69821bcb6a8839396f9652b6ff72a70 d131dd02c5e6eec4693d9a0698aff95c 2fcab50712467eab4004583eb8fb7f89 55ad340609f4b30283e4888325f1415a 085125e8f7cdc99fd91dbd7280373c5b d8823e3156348f5bae6dacd436c919c6 dd53e23487da03fd023963060248cdao e99f33420f577ee8ce54b67080280d1e c69821bcb6a8839396f965ab6ff72a70 1. Using the xxd program and openssl dgst -md5, what was the collision value? 2. Suppose one uses PKCS1.5 signature padding, as discussed in class, with the MD5 hash. Explain how an attacker can break the system. 3. Extra credit: Using the fastcoll program from , find a new pair of collisions for MD5. Name the two files c1.bin and c2.bin and submit them