May 24 - 25, 2007, Barcelona, Spain
Invited Talk by Eric Rescorla
Title: Indigestion: Assessing the impact of known and future hash function attacks
Nearly every major cryptographic protocol depends on hash functions
for everything from digital signatures to key derivation. After Wang's
successful attack on MD5 in 2004 and then on SHA-1 in 2005, it became
distressingly clear just how dependent our systems are on these two
algorithms. Since then, the security community has been scrambling to
figure out the impact on existing systems, replace weak algorithms
with strong ones, and figure out how not to get caught unprepared by
new results. In this talk we discuss the impact of recent and
potential future attacks on real systems, including SSL/TLS, S/MIME,
IPsec, and distributed hash tables, as well as what is being done to
prepare for future analytic progress.