RFC 1319 (rfc1319) - Page 1 of 17
The MD2 Message-Digest Algorithm
Alternative Format: Original Text Document
Network Working Group B. Kaliski Request for Comments: 1319 RSA Laboratories Updates: RFC 1115 April 1992 The MD2 Message-Digest Algorithm Status of this Memo This memo provides information for the Internet community. It does not specify an Internet standard. Distribution of this memo is unlimited. Acknowlegements The description of MD2 is based on material prepared by John Linn and Ron Rivest. Their permission to incorporate that material is greatly appreciated. Table of Contents 1. Executive Summary 1 2. Terminology and Notation 2 3. MD2 Algorithm Description 2 4. Summary 4 References 5 APPENDIX A - Reference Implementation 5 Security Considerations 17 Author's Address 17 1. Executive Summary This document describes the MD2 message-digest algorithm. The algorithm takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input. It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or to produce any message having a given prespecified target message digest. The MD2 algorithm is intended for digital signature applications, where a large file must be "compressed" in a secure manner before being signed with a private (secret) key under a public-key cryptosystem such as RSA. License to use MD2 is granted for non-commerical Internet Privacy- Enhanced Mail [1-3]. This document is an update to the August 1989 RFC 1115 [3], which also gives a reference implementation of MD2. The main differences Kaliski
