RFC 1319 (rfc1319) - Page 1 of 17
The MD2 Message-Digest Algorithm
Alternative Format: Original Text Document
Network Working Group B. Kaliski
Request for Comments: 1319 RSA Laboratories
Updates: RFC 1115 April 1992
The MD2 Message-Digest Algorithm
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard. Distribution of this memo is
unlimited.
Acknowlegements
The description of MD2 is based on material prepared by John Linn and
Ron Rivest. Their permission to incorporate that material is greatly
appreciated.
Table of Contents
1. Executive Summary 1
2. Terminology and Notation 2
3. MD2 Algorithm Description 2
4. Summary 4
References 5
APPENDIX A - Reference Implementation 5
Security Considerations 17
Author's Address 17
1. Executive Summary
This document describes the MD2 message-digest algorithm. The
algorithm takes as input a message of arbitrary length and produces
as output a 128-bit "fingerprint" or "message digest" of the input.
It is conjectured that it is computationally infeasible to produce
two messages having the same message digest, or to produce any
message having a given prespecified target message digest. The MD2
algorithm is intended for digital signature applications, where a
large file must be "compressed" in a secure manner before being
signed with a private (secret) key under a public-key cryptosystem
such as RSA.
License to use MD2 is granted for non-commerical Internet Privacy-
Enhanced Mail [1-3].
This document is an update to the August 1989 RFC 1115 [3], which
also gives a reference implementation of MD2. The main differences
Kaliski