Recent Attacks Against Hash Functions

Presented at Notacon 2 (2005), April 9, 2005, 11 a.m. (60 minutes).

In recent months, a large amount of research into the security of cryptographic hash functions has revealed serious flaws in every widely used hash function, including MD4, MD5, RIPEMD, HAVAL, SHA-0, and SHA-1. These flaws have far reaching consequences, as hash functions are used everywhere, from storing passwords to determining the integrity of system binaries and packages (md5sum, for example). Due to nature of these attacks, some environments are now very vulnerable, whereas other environments are unaffected. This talk will cover the state of hash function cryptanalysis, future directions of hash function design, as well as how non-cryptographers can evaluate future results to judge their impact on specific environments.


Presenters:

  • Matthew Fanto - NIST
    Matthew Fanto is currently employed at the United States Department of Commerce, National Institute of Standards and Technology. His primary area of research is public key infrastructure, as well as design and analysis of cryptographic primitives, including block ciphers and hash functions. Other areas of interest are mandatory access controls and exploit mitigation techniques.

Links:

Similar Presentations: