FAQ   Search   Memberlist   Usergroups   Register   Profile   Log in to check your private messages   Log in 
Chinese Prof Cracks Top Data Encryption Algorithm

Post new topic   Reply to topic    The Next Level Forum Index -> General Discussion
  ::  Previous topic :: Next topic  
Author Message
Site Admin

Joined: 18 Jan 2006
Posts: 8807

PostPosted: Thu Jan 25, 2007 12:18 am    Post subject: Chinese Prof Cracks Top Data Encryption Algorithm Reply with quote


Chinese Professor Cracks Fifth Data Encryption Algorithm

SHA-1 added to list of "accomplishments"

Central News Agency Jan 11, 2007

TAIPEI—In five years, the U.S. government will cease to use SHA-1 (Secure Hash Algorithm) and convert to a new and more advanced computer data encryption, according to the article "Security Cracked!" from New Scientist . The reason for this change is that 41-years old associate professor Wang Xiaoyun of Beijing's Tsinghua University and Shandong University of Technology has already cracked SHA-1.

According to a Beijing digest, this SHA-1 encryption includes the world's gold standard Message-Digest algorithm 5 (MD5). Before Professor Wang cracked it, the MD5 could only be deciphered by today's fastest supercomputer running codes for more than a million years.

However, professor Wang Xiaoyun, a graduate of Shandong University of Technology's mathematics department, and her research team obtained results by using ordinary personal computers.

In early 2005, Wang and her research team announced that they had succeeded in cracking SHA-1. In addition to the U.S. government, well known companies like Microsoft, Sun, Atmel, and others have also announced that they will no longer be using SHA-1.

Two years ago, Wang convened an international data encryption conference to announce that her team had successfully cracked the four world-class standards of data encryption algorithms of MD5, HAVAL-1 28, MD4 and RIPEMD within 10 years.

A few months later, she then cracked the even more advanced and difficult SHA-1.

According to the article, Hash was Wang's area of research. Hash is the basis of MD5 and SHA-1, the two most extensive data encryption algorithms now used in the world.

These two main algorithms are currently the crucial technology that electronic signatures and many other password securities use throughout the international community. They are widely used in banking, securities, and e-commerce. SHA-1 has been recognized as the cornerstone for modern Internet security.

According to the article, in the early stages of Wang's research, there were other data encryption researchers who tried to crack it. However, none of them succeeded. This is why in 15 years Hash research had become the domain of hopeless research in many scientists' minds.

Wang's method of cracking the encryptions differs from all others. Although encryption analysis usually cannot be done without the use of computers, according to Wang, the computer only assisted in cracking the algorithm. Most of the time, she calculated manually, and manually designed the methods.

Wang said, "Hackers crack passwords with bad intentions. I hope efforts to protect against password theft will benefit [from this]. Password analysts work to evaluate the security of data encryption and to search for even more secure encryption algorithms."

She added, "On the day that I cracked SHA-1, I went out to eat. I was very excited. I knew I was the only person who knew this world-class secret."

Within ten years, Wang cracked the five biggest names in data encryption. Many people would think the life of this scientist must be monotonous. However she said, "That ten years was a very relaxed time for me."

During her work, she bore a daughter and cultivated a balcony full of flowers. The only mathematics related habit in her life is how she remembers the license plates of taxi cabs.

Back to top
View user's profile Send private message Send e-mail Visit poster's website

Joined: 16 Jul 2006
Posts: 1716
Location: Municipal Flat Block 18A, Linear North

PostPosted: Thu Jan 25, 2007 4:15 am    Post subject: Reply with quote

It's *not* a data encryption algorithm, Fintan, it's a data *hashing* algorithm.

Ie it's not something that's used to actually encrypt any data , it's used to produce a (hopefully) unique checksum from a set of data, so that it can be held to be sound and untampered with, as if so much as a single byte was changed, the whole SHA-1 (or whatever) hash checksum wouldn't be the same.

And she hasn't really managed to 'crack' SHA-1 - what she was able to was produce two pieces of data that have the same checksums - a so called 'collision' - which is supposed to be impossible to do with a perfect hashing algorithm. (in textbook land, somewhere Wink)

This *doesn't* mean that SHA-1, MD5 etc., are totally unusable as from now on, though, just because she's done this - I mean - yes - it's an achievement, but it doesn't mean that anything's actually been 'broken' as such.

The rule for today.
Touch my tail, I shred your hand.
New rule tomorrow.

Cat Haiku

Last edited by Continuity on Thu Jan 25, 2007 9:11 am; edited 1 time in total
Back to top
View user's profile Send private message Visit poster's website

Joined: 11 Feb 2006
Posts: 2950
Location: 36� 3'N x 86�40'W

PostPosted: Thu Jan 25, 2007 9:06 am    Post subject: Reply with quote

Isn't all of this encryption warfare designed to make everyone just trustful enough of online financial security to use it, yet just fearful enough of that "lone hacker" scenario to purchase the added security packages thrown at us regularly?

I'm still convinced my own bank had something to do with the 2 credit card breaches I suffered late last year. Within 12 days, I'd gotten a notice from them in the mail of a new "low cost" CC security service they were flogging.

Now see what you've done? I've gone and used 'scenario' again. Evil or Very Mad

"No matter what happens, ever... there's ALWAYS at least one reason. And the top reason is ALWAYS money."
Back to top
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger
Display posts from previous:   
Post new topic   Reply to topic    The Next Level Forum Index -> General Discussion All times are GMT - 5 Hours
Page 1 of 1

Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Powered by phpBB © 2001, 2005 phpBB Group

Theme xand created by spleen.