A spectre is haunting IT-security -- the spectre of hash function
cryptanalysis. A lot of actual results show that all widely used
hash functions (MD4,MD5,SHA,SHA-1) are broken in a cryptographic sense.
Even worse because of some internal design properties even practical attacks
against MD*-based hash functions security systems could be shown.
In this paper we discuss the cryptographic status and some first-aid
workarounds. We also show the impossibility to establish a "Trusted"
infrastructure based on a untrustable cryptographic function.
|
Technical University of Applied Sciences Berlin
Ruediger Weis obtained a diploma in Mathematics and a PhD
in Computer Science from the University of Mannheim.
After this he has worked as researcher in the group of Andy
Tanenbaum at the Vrije Universiteit Amsterdam and as chief
cryptographer of cryptolabs Amsterdam.
Since october 2005 Ruediger Weis is teaching as professor for systemprogramming
at the Technical University of Applied Science in Berlin.
Ruediger is also a long-time member of the Chaos Computer Club.
|
Stefan Lucks' fields of research are cryptology and communication
security. He obtained a diploma in Computer Science in 1993 at the
University of Dortmund. In 1997, he finished his Ph.D. at the
University of Göttingen. Since 1997, he works at the University
of Mannheim, where he obtained his postdoctoral lecture qualification
("Habilitiation") in 2003 and became a lecturer ("Oberassistent")
in 2004. He leads the security research team for the Mobile Business
Research Group at the University of Mannheim.
He has published about fourty peer-reviewed papers about cryptology
and served on numerous international program committees, such as AES,
SAC, FSE, and Eurocrypt.
|
|
