Welcome to the Interconnect-IT weblog. In this weblog we comment on, and focus our attention on, security-related information in the broadest sense of the word. Most of our effort goes into cryptography (ancient and contemporary), interesting security documents and tools we spot on the web, and security trends.

Sunday, 14 December, 2008
Some More On Hash Collisions

As mentioned in yesterday's blog post, a collision is a phenomenon in cryptographic hash theory where two different inputs hash to exactly the same output. You might ask: are there any real-life examples of that? Sure there are! One of the most famous MD5 hash collisions is probably the one created by Magnus Daum and Stefan Lucks. They managed to create two documents with the same MD5 hash, one containing a letter of recommendation from Julius Caesar and the other containing an order from the same Julius Caesar. See their web page for more information. You can use etree's MD5 command line utility to check the results for yourself.


You could of course go one step further and create your own MD5 collisions. There are several tools on the Internet that can pull off this task for you. One of them is the MD5 Collision Generator, currently in version 1.0.0.5. It can be downloaded from Marc Stevens' webpage. The webpage also contains several interesting links to other projects, documents and his MSc thesis. For a nice graphical overview of the key lengths of supposedly secure hash algorithms, see the BlueKrypt webpage.

posted by casper van eersel on 22:10PM

Saturday, 13 December, 2008
NIST Hash Contest Round 1 Candidates

In 2005, several research papers by Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu described a breakthrough in the field of cryptography: a precise description of a way to break many of the world's most famous hash functions, MD5 and SHA-1 being the most widely implemented. (Hash functions calculate hash values, which are short, fixed-length strings meant to uniquely identify the input of the hash function, such as an e-mail message or an official contract.) What this meant was that they had found an attack faster than brute force for finding a collision, which is what happens when two different hash algorithm inputs result in the same hash value.
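To make the "faster than brute force" baseline concrete, here is an added example (not from the original post, nor from Wang et al.) that finds a collision by the generic birthday method on a hash deliberately truncated to a few bits; the function names, the 24-bit truncation and the constructed "msg-N" inputs are my own choices. It shows why ~2^(n/2) work is the yardstick any real attack is measured against.

```python
import hashlib
import math


def truncated_digest(data: bytes, bits: int) -> int:
    """Return the first `bits` bits of SHA-256(data) as an integer.

    Truncating a strong hash to a tiny output space lets the generic
    collision bound be observed in seconds instead of the ~2^64 work
    a full MD5 output would demand of the same method.
    """
    digest = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return digest >> (256 - bits)


def expected_birthday_trials(bits: int) -> float:
    """Expected hash evaluations before the first collision for random
    inputs into a `bits`-bit output: roughly sqrt(pi/2 * 2^bits)."""
    return math.sqrt(math.pi / 2 * 2 ** bits)


def find_collision(bits: int, prefix: bytes = b"msg-") -> tuple:
    """Generic (brute-force) birthday search on the truncated hash.

    Feeds a counter-derived sequence of distinct, constructed messages
    through the hash and stops at the first repeated output. Returns
    (message_a, message_b, tries) with message_a != message_b and equal
    truncated digests. Nothing about the inputs is special: with only
    `bits` bits of output, any inputs collide after ~2^(bits/2) tries.
    """
    seen = {}  # truncated digest -> first message that produced it
    tries = 0
    while True:
        msg = prefix + str(tries).encode()
        h = truncated_digest(msg, bits)
        tries += 1
        if h in seen:
            return seen[h], msg, tries
        seen[h] = msg


if __name__ == "__main__":
    a, b, tries = find_collision(24)
    print(f"expected ~{expected_birthday_trials(24):.0f} tries, needed {tries}")
    print(a, b, hex(truncated_digest(a, 24)))
```

Raising `bits` by two roughly doubles the work, which is the whole story of why a 128-bit MD5 is out of reach for this method but not for the structural attacks the post describes.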


As a result, NIST started a cryptographic hash algorithm competition, inviting everyone to come up with suitable replacements for the broken hash algorithms, much like the contest that took place to replace the DES standard. All the first round candidates have been posted on the NIST website. Some of them have already been broken. It will be interesting to see which algorithm makes it to become the next standard.


For a nice tool that calculates the hash values for a wide variety of hash functions, download SlavaSoft's Hash Calculator. Another tool, which has the benefit of accepting file inputs, is Hashish. Remember that many of the hash algorithms these tools offer have now been broken! To keep up with the stream of cryptographic papers on subjects such as hash functions, you might want to take a look at the Cryptology ePrint Archive.

posted by casper van eersel on 23:12PM

Friday, 12 December, 2008
Fake Invoice

Hundreds of thousands of fake bills have been sent to entrepreneurs in the Netherlands, requesting payment of a fair amount of money for services never delivered. The sending company tries to trick you into believing that the bill comes from an institution well known to Dutch entrepreneurs, namely the "Kamer van Koophandel". It's amazing how much effort was put into this scheme. The fraudulent website, which by now redirects you to another website, looks a lot like the legitimate KvK website. Besides that, the name and logo are practically identical to those of the legitimate site, a little warning about a "new bank account" now in use is given just in case you might wonder about that sudden change, the cover letter (which looks like this) mentions that you are already part of their database, etc. Nice try, I must admit. In response to this, it might be a good idea to check out the following websites (they are in Dutch):

posted by casper van eersel on 17:19PM