[Haifux] Fwd: Marc Stevens (CWI Amsterdam) @ Sunday Nov 17 on Improving Counter-cryptanalysis (fwd)

Orr Dunkelman orr.dunkelman at gmail.com
Mon Nov 11 17:59:47 MSK 2013

Dear All,

Next Sunday, at 10:30, the university of Haifa will host Marc Stevens' talk
concerning his findings about the Flame worm. The flame worm is one of the
two worms that allegedly were designed to battle the Iranian nuclear
program. Marc, who is also known as the guy that created a rouge X.509
certificate (using a cluster of Sony PS3), will discuss his findings
concerning the cryptanalytic attacks that were used to create the attack.

You are all invited to the university to hear his talk.
[Location - TBA]


--------- Forwarded message ----------
Date: Mon, 11 Nov 2013 16:50:21 +0200
Subject: Marc Stevens (CWI Amsterdam) @ Sunday Nov 17 on Improving


Time: November 17, Sunday 10:30, Room 303
Place: TBA

Title: "Improving Counter-cryptanalysis"


Flame, a highly advanced malware for cyberwarfare discovered in May, spread
itself as a properly, but illegitimately, signed Microsoft Update security
patch. Flame achieved this by forging a signature from Microsoft using a
so-called chosen-prefix collision attack on the very weak cryptographic
hash function MD5. In this talk I will focus on counter-cryptanalysis, a
new paradigm for strengthening cryptographic primitives, and the first
example thereof, namely an efficient anomaly detection technique that
detects whether a given signature was forged using a cryptanalytic
collision attack on the underlying hash function. We used
counter-cryptanalysis to expose Flame's yet unknown variant chosen-prefix
collision attack even though only one of the two colliding certificates was
available. Finally, I will discuss ongoing work on improving the complexity
of this new technique and efforts to reduce the chance of false negatives,
i.e., existence of feasible yet-undetected collision attacks.

Short bio:

Dr. ir. Marc Stevens is currently a post-doc in the Cryptology Group of CWI
Amsterdam. His current research focuses on cryptanalysis with practical
attacks on cryptographic hash functions in particular as well as
counter-cryptanalysis. He received his PhD at Leiden University in June
2012 for which he won the 2013 "Martinus van Marum" prize from the Royal
Holland Society of Sciences and Humanities. He is (co-)recipient of the
CRYPTO 2009 Best Paper Award and recipient of the CRYPTO 2013 Best Young
Researcher Paper Award.

Orr Dunkelman,
Orr.Dunkelman at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://haifux.org/pipermail/haifux/attachments/20131111/f7e53a99/attachment.html 

More information about the Haifux mailing list