Department of Computer Science
CS 588: Cryptology - Principles and Applications
evans@virginia.edu
|
CS588: Cryptology - Principles and Applications, Fall 2001 |
Manifest: Monday 1 October 2001
Assignments Due Wednesday, 10 October Problem Set 3
Readings MBC p. 26-30 discuss strong collision resistance (birthday attack probability)
Questions
- How can we distribute public keys?
- How can we establish trustworthy communication with a web server?
- What do certificates prove?
- Why don't people encrypt messages using RSA?
- What are the properties of a good cryptographic hash algorithm? How do we evaluate how well a particular algorithm satisfies those properties?
- What is the difference between weak collision resistance and strong collision resistance?
Links
- http://crl.verisign.com/ - VeriSign's Certificate Revokation List
- Free trial ID
- Microsoft, VeriSign, and Certificate Revocation , by Gregory L. Guerin (Schneier's original article)
- Ten Risks of PKI: What You're Not Being Told About Public Key Infrastructure, C. Ellison and B. Schneier. Computer Security Journal, v 16, n 1, 2000.
Collisions for MD4 can be found in about a minute on a typical PC. ... MD4 should not be used. ... Given the surprising speed with which techniques on MD4 were extended to MD5 we feel that it is only prudent to draw a cautious conclusion and to expect that collisions for the entire hash function might soon be found.
From RSA Bulletin, Recent Results for MD2, MD4 and MD5.
|
|
University of Virginia Department of Computer Science CS 588: Cryptology - Principles and Applications |
David Evans evans@virginia.edu |