Colloquium Summary: 1

10/18/2007
Recent Progress in Cryptographic Hashing
John R. Black

This is a John Black's tenure talk for all his 7 years of research at CU-Boulder. His work focused on digital signatures and application level of network security. He is also interested very much in hashing today. The following are the bullet points from his talk:

His articles/papers were on slashdot twice.
He talked about cryptographic hash function – MD5 and SHA-1.
He first gave basis of hash function, esp. in security aspect, but he will be focusing on collision resistance.
He then gave a brief talk about how to build a hash function and how they break (collide).
MD4 is broken in 1997.
MD5 is broken by Xiaoyun Wang in 2004.
He talked briefly about compression function.
He published a paper to improve MD5 collision and posted them all online in his website.
Why collision is so important? Ans:Forge signatures.
Two documents/Linux binaries are hashed to the same thing, resulting in attacks/forgery.
SHA-1 is now under attack by Wang and lots of new efforts.
He expects to see SHA-1's collision by next year.
He approaches his cryptanalysis work by looking at the current papers.
He then needs to read everything up to current to build more and more tuition.
He uses mathematics background to pick the right tools.
SSL is built on top of hash function so we should be aware of hash function break.
Even more, most unix password are MD5-hashed.
He even contacted the agency to make sure he will not go to jail for his research.

Last modified 24 November 2007 at 11:48 am by panichsa