More hash woes

More hash woes

For the second year running, research presented at the annual Crypto conference raised concerns over thesecurity of commonly-used hash functions.For the second year running, research presented at theannual Crypto conference has raised concern over thesecurity of commonly-used hash functions. The encryptionfield was thrown into a frenzy in August 2004 when thesecurity of hash functions MD5, SHA-0 and SHA-1 wascalled into question (see and). Last month, researchers revealed thatthey have discovered a new, faster attack against the SHA-1hashing algorithm.Xiaoyun Wang, one of the team of Chinese researchers thatat last year’s Crypto conference outlined methods of findingcollisions in the MD4, MD5, HAVEL-128 and RIPEMDalgorithms, has announced that the time complexity of anew attack her team has achieved against SHA-1 is 263 (theteam’s previous result was 269; brute force is 280). It is alsoexpected that this result will be improved upon over thenext couple of months. Wang’s paper can be found at.In reaction to the findings, the National Institute ofStandards and Technology (NIST) plans to host a two-dayCryptographic Hash Workshop on 31 October and 1November 2005 to solicit public input on how best torespond to the current state of research in this area.

29 August 2005

www.virusbtn.com/