BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY: Advances in Hash Cryptanalysis - Christian Rechberger\, IAIK\, Gr
 az University of Technology
DTSTART:20080624T151500Z
DTEND:20080624T161500Z
UID:TALK11975@talks.cam.ac.uk
CONTACT:Saar Drimer
DESCRIPTION:Hash functions are the Swiss army knife for cryptographers. Pa
 ssword protection\, digital signatures (also in a potential post-quantum p
 eriod) are applications where they surface outside the cryptographic commu
 nity. Not only are almost all popular hash functions based on the same des
 ign principle\, it also turned out that designers were not conservative en
 ough. Spectacular practical attacks (e.g. on MD5) were the result in recen
 t years\, and standardization organisations look for replacements.\n\nThe
  ubiquitously used SHA-1 exhibits a higher resistance against shortcut col
 lision search attacks. Still\, to motivate the shift _away from SHA-1_\, w
 e found a new shortcut attack which is estimated to be around a million ti
 mes faster than generic attacks. The workfactor is still very high and hen
 ce we started a distributed computing project to find the first SHA-1 coll
 ision:\n"SHA-1 Collision Search Graz":http://boinc.iaik.tugraz.at\n\nMany 
 applications of hash functions do not require collision resistance but rel
 y on properties that are generally assumed to be much harder to violate (l
 ike resistance against inversion attacks). Nevertheless\, some of our very
  recent results indicate that also here\, we might see a development simil
 ar to collision attacks.\n
LOCATION:Lecture Theatre 2\, Computer Laboratory\, William Gates Building
END:VEVENT
END:VCALENDAR
