The Hash Disaster

Recent Results on Cryptanalysis and their Implications on System Security

Rüdiger Weis

Playlists: 'mrmcd101b' videos starting here

A lot of actual results show that all widely used hash functions (MD4,MD5,SHA,SHA-1) are broken in a cryptographic sense.

Even worse because of some internal design properties even practical attacks against MD*-based hash functions security systems could be shown. In this talk we discuss the cryptographic status and some first-aid workarounds. We also show the impossibility to establish a "Trusted" infrastructure based on a untrustable cryptographic function.