[crypto] [Serge.Fehr at cwi.nl: [risc-list] RISC at CWI (Feb 18): Cryptanalysis]

R. Hirschfeld ray at unipay.nl
Mon Feb 17 16:06:59 CET 2014

------- Start of forwarded message -------
From: Serge Fehr <Serge.Fehr at cwi.nl>
Date: Mon, 17 Feb 2014 13:25:25 +0100
Subject: [risc-list] RISC at CWI (Feb 18): Cryptanalysis

Dear Colleagues,

this is to remind you of the upcoming RISC seminar on


The seminar takes place at CWI Amsterdam, The Netherlands, 

                           *tomorrow Tuesday, February 18, 2014, in Room L017*

The program features talks by Orr Dunkelman (Haifa University, Israel), Maximilian Fillinger (CWI Amsterdam), and Marc Stevens (CWI Amsterdam). The schedule is as follows.

 14:00 - 14:45 h       Marc Stevens: Update on cryptanalysis & counter-cryptanalysis of SHA-1
 14:45 - 15:30 h       Maximilian Fillinger: Reconstructing the Cryptanalytic Attack behind the Flame Malware
 16:00 - 16:45 h       Orr Dunkelman: Meet in the Middle Attacks
 16:45 - 17:30 h       Orr Dunkelman: Meet in the Middle Attacks - The Next Generation

See below and/or the RISC web page http://www.cwi.nl/crypto/risc.html for the abstracts.

See you then and there!

Best regards,
Ronald Cramer and Serge Fehr


Marc Stevens: *Update on cryptanalysis & counter-cryptanalysis of SHA-1*

Abstract: Collision attacks on SHA-1 are for a major part based on combinations of local collisions.
At EUROCRYPT'13 we introduced a new exact and holistic method to analyze combinations of local collisions
that takes dependencies between them fully into account.
This talk will discuss current work in extending this work to the remaining part of collision attacks
towards improved SHA-1 collision attacks.
We also discuss how this method can be applied in the counter-cryptanalysis of SHA-1
to significantly speed up the collision detection algorithm for SHA-1.

Maximilian Fillinger: *Reconstructing the Cryptanalytic Attack behind the Flame Malware*

Abstract: The cyberwarfare malware Flame was, among other things, notable for its
ability to spread inside local networks via Windows Update, disguised as
a security update from Microsoft. Using a chosen-prefix collision
attack, based on differential cryptanalysis, on the cryptographic hash
function MD5, the attackers obtained a certificate in Microsoft's PKI
which they used to sign the update. Even though the attackers created a
new variant collision-attack, it has some similarities to MD5 collision
attacks that can be found in the literature. We attempt to reconstruct
the collision attack and the underlying differential path families and
illustrate our reconstruction techniques on an example.
Joint work with Marc Stevens

Orr Dunkelman: *Meet in the Middle Attacks*

Abstract: In this talk we shall discuss the meet in the middle technique that was introduced by Merkle & Hellman in their seminal paper that showed that Double-DES is not more secure than single DES. Their technique was later used by Chaum & Evertse to attack reduced-round variants of DES. While being left out for several years, the technique is recently enjoying a renaissance, and has become an active research field, with application to many block ciphers.
Joint work with Itai Dinur, Nathan Keller, and Adi Shamir.

Orr Dunkelman: *Meet in the Middle Attacks - The Next Generation*

Abstract: In this talk we shall discuss some of the new results on meet in the middle attacks, and mainly the recent work by Dinur et al. We will cover the new and surprising results in the field of the meet in the middle attacks, that can be applied to a much larger range of problems than multiple encryption.
Joint work with Itai Dinur, Nathan Keller, and Adi Shamir.

------- End of forwarded message -------
