ENGINEERINGNET.EU -- With advanced mathematical techniques he proved that not only the widely used MD5 standard is no longer safe for digital signatures and internet security, but also SHA-1.
This research is part of his PhD research at Centrum Wiskunde & Informatica (CWI) - the national research centre for mathematics and computer science in the Netherlands - Marc Stevens defends his thesis 'Attacks on Hash Functions and Applications' at Leiden University on 19 June 2012. Recently he also analyzed the Flame virus, and discovered it uses a new, yet unknown variant of a collision attack.
During his PhD research Marc Stevens investigated in particular the MD5 and SHA-1 hash functions, international standards that are commonly used for digital signatures on certificates, applications, emails and documents.
He constructed more efficient and flexible attacks on MD5 by introducing so-called 'chosen-prefix collisions'. In addition, he made a step forwards towards a practical attack on SHA-1.
The method he devised is more accurate, more successful and more flexible than previous approaches. Finally, Stevens designed a method that can detect if communications and files are constructed with collision attacks, so connections can be blocked before sensitive information is being leaked.
In 2008, mathematician Marc Stevens became worldwide known by 'cracking' the https internet security with an international team.
"If, instead of us, malicious parties would have done this, then, for instance, the international payment traffic could have been hacked without being noticed", said Stevens.
The industry responded quickly: international Certification Authorities abandoned MD5 for internet security within a few days. The Netherlands thus contributed significantly to the global Internet safety. Cracking https was published in media as the New York Times and Le Monde.
His research led to several awards, including the prestigious Best Paper Award of CRYPTO 2009, one of the top conferences in cryptographic research.
"However, MD5 is still being used in many applications," says Stevens. "For companies it is often a tradeoff between the risks and costs to replace these standards. That’s why I have designed software that can detect collision attacks like the one from the Flame virus".
After his PhD defence Marc Stevens will become a postdoc researcher at CWI. The groundbreaking cryptography research is done in CWI’s Cryptology group, headed by Prof. Ronald Cramer.
This group investigates fundamental cryptographic questions from a broad scientific perspective, particularly from mathematics, computer science and physics. The research was funded by Ronald Cramer's Vici grant from the Netherlands Organisation for Scientific Research (NWO).
(GL)
