Rump session talk #1: SAGE: open source mathematical software (also) for cryptanalysts

Rump session talk #2: iPhone Crypto

Title (1st half of slot): Algebraic S-Box recovery


Cryptomeria is a block cipher used for content protection on Video DVD-Rs, Audio-DVDs and SD cards. Although the cipher has been fully specified structurally, the 8x8 bit S-Box is kept a trade secret for licensing reasons. In this talk we present a chosen-key attack scenario that results in a system of low-degree polynomial equations. An attacker solving these equations is able to obtain a number of S-Box entries; by iterating the attack, the complete S-Box can be recovered. We present results against reduced versions of the cipher which demonstrate that an attack of this manner against the full Cryptomeria cipher may indeed be possible.

Title (2nd half of slot): Interesting hash collisions for X.509 certificates


We demonstrate how to trick a Certificate Authority into unwittingly providing attackers with X.509 certificates that enable them to issue certificates themselves. This is achieved by making use of hash-function collisions that follow a certain format. By showing a technique that gives two certificates with the same MD5 hash and signature, we show that our attack is applicable against Certificate Authorities still issuing certificates using MD5-based signatures.





