Printable Version of this PageHome PageRecent ChangesSearchSign In
Recent Progress in Cryptographic Hashing
John R. Black

This is a John Black's tenure talk for all his 7 years of research at CU-Boulder. His work focused on digital signatures and application level of network security. He is also interested very much in hashing today. The following are the bullet points from his talk:
  • His articles/papers were on slashdot twice.
  • He talked about cryptographic hash function – MD5 and SHA-1.
  • He first gave basis of hash function, esp. in security aspect, but he will be focusing on collision resistance.
  • He then gave a brief talk about how to build a hash function and how they break (collide).
  • MD4 is broken in 1997.
  • MD5 is broken by Xiaoyun Wang in 2004.
  • He talked briefly about compression function.
  • He published a paper to improve MD5 collision and posted them all online in his website.
  • Why collision is so important? Ans:Forge signatures.
  • Two documents/Linux binaries are hashed to the same thing, resulting in attacks/forgery.
  • SHA-1 is now under attack by Wang and lots of new efforts.
  • He expects to see SHA-1's collision by next year.
  • He approaches his cryptanalysis work by looking at the current papers.
  • He then needs to read everything up to current to build more and more tuition.
  • He uses mathematics background to pick the right tools.
  • SSL is built on top of hash function so we should be aware of hash function break.
  • Even more, most unix password are MD5-hashed.
  • He even contacted the agency to make sure he will not go to jail for his research.

Last modified 24 November 2007 at 11:48 am by panichsa