CS551: Security and Privacy on the Internet, Fall 2000
Manifest: Wednesday 27 September 2000
Assignments Due Beginning of class today Problem Set 2 4 October Full Project Proposal 11 October Problem Set 3
Monday: Guest lecture by Paco Hope, from Chain Mail, Inc.
Before 4 October: Stallings, 12.1, 14.2, 14.3.
Optional Recommended Reading
- Alma Whitten and J. D. Tygar, Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0, USENIX Security Symposium, August 1999.
- RSA Bulletin: Recent Results for MD2, MD4 and MD5
- Why would ed 1 mod n be a bad idea?
- Why don't people encrypt messages using RSA?
- How are cryptographic hash functions used?
- What are the properties of a good cryptographic hash function?
- What is the difference between weak collision resistance and strong collision resistance? How does this effect the size needed for a secure message digest?
Collisions for MD4 can be found in about a minute on a typical PC. ... MD4 should not be used. ... Given the surprising speed with which techniques on MD4 were extended to MD5 we feel that it is only prudent to draw a cautious conclusion and to expect that collisions for the entire hash function might soon be found.
From RSA Bulletin, Recent Results for MD2, MD4 and MD5.
University of Virginia
Department of Computer Science
CS 551: Security and Privacy on the Internet