RFC 1186 (rfc1186) - Page 1 of 18
MD4 Message Digest Algorithm
Alternative Format: Original Text Document
Network Working Group R. Rivest
Request for Comments: 1186 MIT Laboratory for Computer Science
October 1990
The MD4 Message Digest Algorithm
Status of this Memo
This RFC is the specification of the MD4 Digest Algorithm. If you
are going to implement MD4, it is suggested you do it this way. This
memo is for informational use and does not constitute a standard.
Distribution of this memo is unlimited.
Table of Contents
1. Abstract .................................................... 1
2. Terminology and Notation .................................... 2
3. MD4 Algorithm Description ................................... 2
4. Extensions .................................................. 6
5. Summary ..................................................... 7
6. Acknowledgements ............................................ 7
APPENDIX - Reference Implementation ............................. 7
Security Considerations.......................................... 18
Author's Address................................................. 18
1. Abstract
This note describes the MD4 message digest algorithm. The algorithm
takes as input an input message of arbitrary length and produces as
output a 128-bit "fingerprint" or "message digest" of the input. It
is conjectured that it is computationally infeasible to produce two
messages having the same message digest, or to produce any message
having a given prespecified target message digest. The MD4 algorithm
is thus ideal for digital signature applications, where a large file
must be "compressed" in a secure manner before being signed with the
RSA public-key cryptosystem.
The MD4 algorithm is designed to be quite fast on 32-bit machines.
On a SUN Sparc station, MD4 runs at 1,450,000 bytes/second. On a DEC
MicroVax II, MD4 runs at approximately 70,000 bytes/second. On a
20MHz 80286, MD4 runs at approximately 32,000 bytes/second. In
addition, the MD4 algorithm does not require any large substitution
tables; the algorithm can be coded quite compactly.
The MD4 algorithm is being placed in the public domain for review and
possible adoption as a standard.
Rivest