RFC 1320 (rfc1320) - Page 2 of 20
The MD4 Message-Digest Algorithm
Alternative Format: Original Text Document
RFC 1320 MD4 Message-Digest Algorithm April 1992
The MD4 algorithm is being placed in the public domain for review and
possible adoption as a standard.
This document replaces the October 1990 RFC 1186 [2]. The main
difference is that the reference implementation of MD4 in the
appendix is more portable.
For OSI-based applications, MD4's object identifier is
md4 OBJECT IDENTIFIER ::=
{iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 4}
In the X.509 type AlgorithmIdentifier [3], the parameters for MD4
should have type NULL.
2. Terminology and Notation
In this document a "word" is a 32-bit quantity and a "byte" is an
eight-bit quantity. A sequence of bits can be interpreted in a
natural manner as a sequence of bytes, where each consecutive group
of eight bits is interpreted as a byte with the high-order (most
significant) bit of each byte listed first. Similarly, a sequence of
bytes can be interpreted as a sequence of 32-bit words, where each
consecutive group of four bytes is interpreted as a word with the
low-order (least significant) byte given first.
Let x_i denote "x sub i". If the subscript is an expression, we
surround it in braces, as in x_{i+1}. Similarly, we use ^ for
superscripts (exponentiation), so that x^i denotes x to the i-th
power.
Let the symbol "+" denote addition of words (i.e., modulo-2^32
addition). Let X