Recent Attacks Against Hash Functions

Presented at Notacon 2 (2005), April 9, 2005, 11 a.m. (60 minutes).

In recent months, a large amount of research into the security of cryptographic hash functions has revealed serious flaws in every widely used hash function, including MD4, MD5, RIPEMD, HAVAL, SHA-0, and SHA-1. These flaws have far reaching consequences, as hash functions are used everywhere, from storing passwords to determining the integrity of system binaries and packages (md5sum, for example). Due to nature of these attacks, some environments are now very vulnerable, whereas other environments are unaffected. This talk will cover the state of hash function cryptanalysis, future directions of hash function design, as well as how non-cryptographers can evaluate future results to judge their impact on specific environments.

Presenters:

• Matthew Fanto - NIST
  Matthew Fanto is currently employed at the United States Department of Commerce, National Institute of Standards and Technology. His primary area of research is public key infrastructure, as well as design and analysis of cryptographic primitives, including block ciphers and hash functions. Other areas of interest are mandatory access controls and exploit mitigation techniques.

Links:

• https://web.archive.org/web/20050331054328/http://notacon.org/speakers.html#fanto
• https://infocon.org/cons/notacon/notacon 2 - 2005/Video/Recent Attacks Against Hash Functions.mp4

Similar Presentations:

• Black Hat Europe 2017 / Fed Up Getting Shattered and Log Jammed? A New Generation of Crypto is Coming
• DEF CON 30 (2022) / Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS
• Black Hat USA 2022 / Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS