Printable Version of this PageHome PageRecent ChangesSearchSign In
I attended the CS Colloquium on Thursday October 18th. The speaker was John Black. Black. Black's talk provided an overview of some current topics in cryptography, and gave a more detailed presentation of the manner in which the MD5 hashing protocol was cracked in 2004. The presentation was interesting and quite entertaining.

Black began with a brief introduction to the field of cryptography. He explained that he likes to divide the field into three levels: Second-level protocols, first-level protocols, and "primitives" (e.g., Block cyphers, hash functions). Most of his work has been in the two upper-level areas, although he pointed out that the security of any system always depends on the security of the underlying primitives used, and that although these are often assumed to be secure, some researchers focus enormous effort on exposing flaws in them.

Black then explained at a relatively high level the inner workings of the MD5 hash protocol, and the attack that Xiaoyun Wang, et. al., developed in 2004. Her paper accompanying the result was "difficult to parse," so Black's team worked to clarify and improve upon her attack. They also published a survey of all of the existing attacks on MD5.

The talk also included some examples of surprising ways that a malicious user could take advantage of the cracks in MD5, including creating two executables with the same output but drastically different MD5 hashes.

Last modified 7 November 2007 at 3:58 pm by danknights