Crypto researchers abuzz over flaws

Encryption circles are buzzing this week with news that mathematical functions embedded in common security applications might have previously unknown weaknesses.

The excitement began last Thursday with an announcement that French computer scientist Antoine Joux had uncovered a flaw in a popular algorithm called MD5, often used with digital signatures. Then four Chinese researchers released a paper that reported a way to circumvent a second algorithm, SHA-0.

While their results are preliminary, these discoveries could eventually make it easier for intruders to insert undetectable back doors into computer code or to forge an electronic signature--unless a different, more secure algorithm is used.

A third, widely anticipated announcement, which could be even more dramatic, is scheduled to take place Tuesday evening at the Crypto 2004 conference in Santa Barbara, Calif.

Eli Biham and Rafi Chen, researchers at the Israel Institute of Technology, originally were scheduled to present a paper identifying ways to assail the security in the SHA-0 algorithm, which is known to have imperfections. Now they're promising to discuss "breaking news information" about the SHA-1 algorithm at a conference session that was set to begin at 7 p.m. PDT.

News of serious flaws in the SHA-1 algorithm could, depending on the details, roil the computer security industry. Currently considered the gold standard of its class of algorithms, SHA-1 is embedded in popular programs like PGP and SSL. It's certified by the National Institute of Standards and Technology and is the only signing algorithm approved for use in the U.S. government's Digital Signature Standard. SHA-1 yields a 160-bit output, which is longer than MD5's 128-bit output and is considered more secure.