Major discovery in the field of cryptography: Professor Wang Xiaoyun, University of Shandong successfully cracked MD5
2004-09-04 09:39
Link: http://www.view.sdu.edu.cn/news/news/sdyw/2004-09-04/1094261946.html
[This site news] August 17, 2004 Santa Barla, the International Cryptology Conference (CRYPTO'2004), which is being held (CRYPTO'2004) has arranged special report on the mixed function. After the International Famous Cipher Eli Biham and Antoine Joux have made the analysis of SHA-1 and give a collision of SHA-0, Professor Wang Xiaoyun from Shandong University has done the MD5, HAVAL-128, MD4 and RIPEMD algorithms. Report. On the venue, when she announced the crack result of the MD series algorithm, the report was excited applause. Professor Wang Xiaoyun sensited the audience and got the admiration of participating experts. At the end of the report, the participants warmly applauded, some scholars were tribute, which was rare in the cryptographic meeting. Why did Wang Xiaoyun's report cause such a big response? Because her research results as a major discovery of the codenics, the fortress of the world password standard MD5, which is the world password standard MD5, which triggered the sylves of the cryptography. The conference summary report wrote this: "What should we do? MD5 is hit; it is about to eliminate it from the application. SHA-1 is still alive, but I have seen it on the end. Now I have to start replacement SHA-1." ???? ???? Key words: collision = Vulnerability = others can fake and use digital signatures. ??????? Hash function and digital signature (digital handprint) ???? hash function, also known as a mixed function, is a password algorithm for extensive and important applications in the information security field, there is a model similar to fingerprint. In the network security protocol, the mixed function is used to handle electronic signatures, compressing lengthy signature files into a unique digital information, ensuring the legality and security of the original digital signature file like fingerprint authentication. SHA-1 and MD5 mentioned earlier are the most commonly used mixed functions. After the processing of these algorithms, the original information will also become a complete "fingerprint" even if only one letter is only a letter. This guarantees the uniqueness of processing information. Provide digital authentication for e-commerce. ???? The security of the conflict function must meet two requirements when designing: one is looking for two inputs to get the same output value is not feasible, this is what we usually say; It is a input to get a given output is not feasible, ie it is not possible to derive its initial state. Important computer security protocols now used, such as SSL, PGP uses a mixed function to sign, once you find two files can produce the same compression value, you can fake signatures, bring huge hazards to the network security field. ???? MD5 is such a whispering function algorithm with extensive applications at home and abroad, which once considered very safe. However, Professor Wang Xiaoyun found that the "collision" of MD5 can be quickly found, which is the same "fingerprint". This means that after you sign a contract on the Internet, it is possible to find another contract with the same signature but a different content, so that the truse of the two contracts is not distinguished. Professor Wang Xiaoyun confirmed the use of MD5 algorithms to seriously threaten information system security, this discovery makes the current electronic signature legal effect and technical system challenged. Therefore, the industry expert Princeton Computer Professor Edward Felten and other strong appeal for information systems replace the signature algorithm as soon as possible, and they emphasize that this is a problem that needs to be resolved immediately. ??????? International Lecture King discovered that the four of the four-seat "Identiced, the Senior Researcher, the main chairman of the Crypto 2004 Conference, said that this news is too important in the morning. Therefore, he has prepared the first network broadcast (Webcast) that will be established in 24 years.
Hughes announced at the meeting: "The meeting will propose three research reports of Hash Collisions." One of them is a research found in several Chinese researches such as Wang Xiaoyun. On the evening of the 17th, Professor Wang Xiaoyun made his research results in a meeting. This article is completed by Wang Xiaoyun, Feng Deguo, Zhi Jia, the four-person red wave, including the deciphering results of the four famous HASH algorithms of MD5, HAVAL-128, MD4 and RIPEMD. When Professor Wang Xiaoyun announced only to their third amazing results, the venue was already applauded, and the report had to be interrupted. After the report, all the experts have a long-term applause of their highlights, some scholars even stand up to show their congratulations and admiration. When people applaud, the Professor, came to Jia Professor, was a little more interesting in the article. Due to version issues, the author is different from the set of constants and pre-standards used by the conference papers; after the meeting discovered this problem, Professor Wang Xiaoyun immediately changed the constant, and completed new data analysis in a short period of time. This surprisingly incredible small episode has proved the credibility of their papers, the effectiveness of the attack method, but highlights the success of the research work. At the end of the meeting, many experts surrounded by Professor Wang Xiaoyun, both of which were brief, and sincere congratulations, the words of the rendering. The main founder R. L. Rivest and A. Shamir, including the public key password, also expressed their joy and congratulations. The international cryptology expert gave a high degree of evaluation of Wang Xiaoyun. ???? MD5 designer, and the first designer R of the internationally known public key encryption algorithm standard RSA. Rivest wrote in the email: "These results have undoubtedly impressive, she should get my best congratulations, of course, I don't want to see MD5, but people must respect the truth."? Francois Grieu said this: "Wang Xiaoyun, Feng Deguo, the latest achievements of Jiajia and Yu Red waves show that they have successfully deciphered MD4, MD5, HAVAL-128, RIPEMD-128. And expected to complete the SHA with lower complexity -0 attack. Some preliminary problems have been resolved. They have won very warm applause. "???? another expert Greg Rose Such evaluation:" I just listened to the report of Joux and Wang Xiaoyun, the technology used by Wang Can find the collision of SHA-0 with 2 ^ 40 Hash operations under any initial value. She gathered in the report, she won a long standing and cheering, (this is impressed The first time is the first time). ... she is today's password school, the hero. ... (Wang Xiaoyun Professor Wang Xiaoyun's work) Although there is no public, the result is no doubt, this technology does exist. ... I am sitting in ron Rivest, I heard him commented: 'We have to do a lot of re-thinking.' "???????? stone breaks MD5 fortress crashed collapsed ???? A stone hit a thousand waves, MD5 Deciphering the fierce response of the cryptography. Experts say this is the password school in recent years, "the most substantive research progress", and each password-related website competes to report this amazing breakthrough. ???? MD5 crack special website closed ???? MD5 cracking project authority website http://www.md5crk.com/ is set up for the attack on MD5, announced on August 17, 2004 "Chinese researchers found the collision of the full MD5 algorithm; WANG, Feng, LAI and YU have announced the collision of MD5, MD4, HAVAL-128, RIPEMD-128 Hash function. This is the most substantive field in recent years Sexual research progress. Use their technology, you can find MD5 collision within a few hours. ... Due to this milestone discovery, the MD5CRK project will end within 48 hours. "
???? For this, http://www.readyResponse.org homepage is specifically reprinted Http://www.aspenLeaf.com/distribute/distrib-Recent.html and several other websites have also been reported. ???? The authoritative website has issued a comment or reporting this major research results. I have been statistically in the two weeks of the paper, and there are nearly 400 websites released, referenced, and commented on this result. Many of the news websites in China also reported a major event in this password academic community with the "Running Algorithm Security Encryption Function". (Report http://www.technewsworld.com/perl/board/MBoard.pl?board=lnitalkback&thread=895&tview=896&display=1&tview=Expanded&mView=flat, the message is reproduced multiple times on all news websites.) ??? ??????? Oriental Shen Yun MD5 Terminator From China ???? MD5 Crack Work, Professor Wang Xiaoyun is a thin, pair of women, thick lenses transmitted the math of mathematics. She learned from the famous mathematician Pan Yutong from the University of Shandong, in 1990, she was successfully applied to the password to the password in the well-known teacher of the famous mathematician Pan Chengdong, Mr. Pan, Yu Xiyuan, Shi Tao. In the school, many outstanding results have been obtained, and 863 project funding and national natural science fund projects have been obtained, and one of the department-level scientific and technological progress awards, writing more than 20 papers. Professor Wang Xiaoyun has begun research in Hash function from the end of the 1990s. She led the cryptographic student of Red Box, Wang Meiqin, Sun Qiuxi, Feng Yi, etc. Collaboration, after a long-term persistent effort, the key technologies of cracking the Hash function, successfully cracking MD5 and several other Hash functions. ???? In recent years, her work has been strongly supported by Shandong University and the School of Mathematics, and special investment in the construction of information security laboratories. Professor Shandong University Professor Huntao attaches great importance to the scientific research results of Professor Wang Xiaoyun. In June 2004, the leaders of Shandong University heard the work introduction of Professor Wang Xiaoyun, and the principal of Yoshao personally issued an invitation letter to invite domestic well-known information security experts to participate in the "Shandong University Information Safety Research Seminar", Mathematics Hospital. Professor Liu Jianya organized and hosted the meeting, and Professor Wang Xiaoyun announced a series of research results of MD5 and other algorithms. Experts gave a full affirmation of her research results and praised their persistent scientific research attitudes. A academician said that her research level is definitely not bad more than the international. The conclusion of this academician has been verified at the international password after a month, and foreign experts have such a strong response show that our work can be said not only the difference in international, but also in cracking the Hash function. . CertainKey, Canada, earlier, announced that the first collision staff of the MD5 algorithm will be given, and CertainKey's original intention is to use parallel computers to find collisions through birthday attacks, and Professor Wang Xiaoyun requires less computational time. ???? ???? Digital authentication Your future is not a dream ???? Due to the decipherment of MD5, it has triggered a big debate on whether MD5 products can also use. At the personal forum of Professor Jeffrey I. Schiller, Massachusetts University, many passwordists have published valuable comments in the debate of "Bad Day At the Hash Function Factory" (http://jis.mit. EDU / PIPERMAIL / SAAG / 2004Q3 / 000913.html).