Cryptanalysis

Cryptographic primitives are the cornerstones on which the security of our IT infrastructures is build. Public cryptanalysis aims to exposes weaknesses in those cryptographic primitives to ensure effective action can be taken in time to uphold security. Below you will find several resources on cryptanalysis from CWI's cryptology group.

Open Source Software

• Hash Collision Detection Library: an open-source reference implementation of our collision detection method for MD5 and SHA-1 (see these slides and the paper 'counter-cryptanalysis' below for more details).
  https://www.marc-stevens.nl/research/software/download.php?file=libdetectcoll-0.2.zip.
  
  This library can be used to detect (and thereby block) forged digital signatures based on so-called collision attacks. Widely known examples of forged signatures using collision attacks are the supermalware Flame and the Rogue Certification Authority Certificate. Unfortunately forged digital signatures are still a threat and accepted as legitimate signatures in nearly all software. Our library can be easily applied in existing software for processing digital signatures to protect against such forgeries.
   
• HashClash project: an open-source C++ framework for MD5 & SHA-1 differential path construction and chosen-prefix collisions for MD5, 2009-2012.
  http://code.google.com/p/hashclash.

Publications on cryptanalysis

• Counter-cryptanalysis, Marc Stevens, CRYPTO 2013, Lecture Notes in Computer Science, vol. 8042, Springer, 2013, pp. 129-146, (PDF).
  Winner of the CRYPTO 2013 Best Young Researcher Paper Award 
• New collision attacks on SHA-1 based on optimal joint local-collision analysis, Marc Stevens, EUROCRYPT 2013, Lecture Notes in Computer Science, vol. 7881, Springer, 2013, pp. 245-261, (PDF).
• Attacks on Hash Functions and Applications, Marc Stevens, PhD thesis, (PDF).
  Defended on June 19, 2012.
  Stellingen (Propositions): (PDF)
  Awarded the 2013 "Martinus van Marum" prize by the J.C. Ruigrok Foundation and the Royal Holland Society of Sciences.
• Single-block collision attack on MD5, Marc Stevens, Cryptology ePrint Archive, Report 2012/040, (PDF).
  More information can be found on: http://marc-stevens.nl/research/md5-1block-collision/.
• Chosen-Prefix Collisions for MD5 and Applications, Marc Stevens, Arjen Lenstra and Benne de Weger, International Journal of Applied Cryptography, Vol. 2, No. 4, 2012, pp. 322-359, (PDF)
• Short Chosen-Prefix Collisions for MD5 and the Creation of a Rogue CA Certificate, Marc Stevens, Alexander Sotirov, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, Benne de Weger, CRYPTO 2009, Lecture Notes in Computer Science, vol. 5677, Springer, 2009, pp. 55-69, (PDF).
  Winner of the CRYPTO 2009 Best Paper Award.
• Chosen-Prefix Collisions for MD5 and Colliding X.509 Certificates for Different Identities, Marc Stevens, Arjen Lenstra and Benne de Weger, EUROCRYPT 2007, Lecture Notes in Computer Science, vol. 4515, Springer, 2007, pp. 1-22, (PDF).
• On Collisions for MD5, Marc Stevens, Master's Thesis, 2007, (PDF).
  Awarded the Eindhoven University of Technology "Afstudeerprijs 2008".
• Fast Collision Attack on MD5, Marc Stevens, Cryptology ePrint Archive, Report 2006/104, (PDF).

Cryptanalysis researchers

Marc Stevens Scientific Researcher Home Page Curriculum Vitae