.comment-link {margin-left:.6em;}

filling the void

Thursday, February 08, 2007


A couple of months ago, I took a class called "Introduction to Computer Security". For this class, we were asked to, in pairs, write a small small paper on any topic in computer security. It wasn't a research paper, but rather we were supposed to write something about someone else's research, or a topic that we found interesting. The best of these papers were to be presented at a mini "conference" at the end of the class.

Me and a friend wrote a paper called "Hash Collisions - Impact on Modern Cryptography".
Not surprisingly it deals with the problems we face should the widely used hashing algorithms be broken. Since we were limited to 6 pages, the paper is extremely condensed, but in the end concludes that, because of recent breakthroughs in cryptanalysis, algorithms like MD5 and SHA1 shouldn't be used any more, and more secure alternatives should be found.
Now, I don't claim that we came up with this conclusion, smarter people did, and we agreed, but now it seems like someone is actually doing something about it.

NIST, the National Institute of Standards and Technology has initiated a contest for candidates for what will probably become the worlds new hashing function. Bruce Schneier has written an excellent article about the competition in Wired, and he has also previously reached the same conclusions as we did. I feel like I'm in the company of greater minds whenever this happens, even though it's all re-iteration of what other people have said, to a large degree.

Even if you don't read the paper, I suggest you read the article.

(No, we didn't get one of the spots at the mini conference, but I still like our subject)

Labels: , , , ,


Post a Comment

<< Home