Featured Research

from universities, journals, and other organizations

Data Security: A Problem In Search Of A Mathematical Theory

Date:
February 13, 2006
Source:
American Mathematical Society
Summary:
The need for security in electronic communications is crucial in today's world. The foundation for providing this security rests on mathematics. In particular, a certain kind of mathematical function called a "hash function" is central in the design of cryptographic systems that protect electronic communications. But recently the most secure hash function in use today was shown to be vulnerable to attack.

The need for security in electronic communications is crucial in today's world. The foundation for providing this security rests on mathematics. In particular, a certain kind of mathematical function called a "hash function" is central in the design of cryptographic systems that protect electronic communications. But recently the most secure hash function in use today was shown to be vulnerable to attack. An article in the upcoming issue of the Notices of the AMS describes these attacks and sends out a call for a new mathematical theory to undergird future communications security systems.

Related Articles


A hash function is an easy-to-compute compression function that takes as input any string of computer bits and distills that string down to a fixed-length output string: Whether the input is an 8-character password or a 100-page document, the hash function outputs a string of a fixed length. An important feature of hash functions is that they must be hard---or at least computationally too expensive---to invert. So, for example, it should be hard, given the hash of a password, to recover the password itself.

One researcher calls hash functions the "duct tape" of cryptography because they are used everywhere for many different purposes: to authenticate messages, to ascertain software integrity, to create one-time passwords, and to support Internet communication protocols. The very ubiquity of hash functions makes any vulnerability found in them a widespread concern.

SHA-1 is a secure hash algorithm (that is, a computer algorithm based on a hash function) that is the government standard and is very widely used; it was developed by the National Security Agency. Other older and even less secure hash algorithms are still in use in many applications. Cryptographers were already concerned about vulnerabilities that had been exposed in those older algorithms. But they were astonished when, at a cryptography meeting in 2005, researchers announced that they had found a way to attack SHA-1 in far fewer steps than was previously known.

For now, SHA-1 is still safe; the method announced by the researchers would take a huge amount of computational time and resources, and it is not clear how this would be carried out. But such attacks always grow more sophisticated, so cryptographers would like to replace SHA-1 as soon as possible. The NSA has a series of hash algorithms, beginning with SHA-256, that are secure; the issue is how to deploy them throughout the infrastructure.

In her Notices article "Find Me a Hash", Susan Landau describes these developments and the nature of the new vulnerability of SHA-1. Her central point is that the mathematical theory of hash functions needs much more development before researchers can come up with more secure hash algorithms for tomorrow's applications.

###

An advance copy of Landau's article may be found through the non-public link http://www.ams.org/staff/jackson/fea-landau.pdf. The article will appear in the March 2006 issue of the Notices of the AMS (http://www.ams.org/notices).

Founded in 1888 to further mathematical research and scholarship, the more than 30,000-member American Mathematical Society fulfills its mission through programs and services that promote mathematical research and its uses, strengthen mathematical education, and foster awareness and appreciation of mathematics and its connections to other disciplines and to everyday life.



Story Source:

The above story is based on materials provided by American Mathematical Society. Note: Materials may be edited for content and length.


Cite This Page:

American Mathematical Society. "Data Security: A Problem In Search Of A Mathematical Theory." ScienceDaily. ScienceDaily, 13 February 2006. <www.sciencedaily.com/releases/2006/02/060213103138.htm>.
American Mathematical Society. (2006, February 13). Data Security: A Problem In Search Of A Mathematical Theory. ScienceDaily. Retrieved October 30, 2014 from www.sciencedaily.com/releases/2006/02/060213103138.htm
American Mathematical Society. "Data Security: A Problem In Search Of A Mathematical Theory." ScienceDaily. www.sciencedaily.com/releases/2006/02/060213103138.htm (accessed October 30, 2014).

Share This



More Computers & Math News

Thursday, October 30, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

Mind-Controlled Prosthetic Arm Restores Amputee Dexterity

Mind-Controlled Prosthetic Arm Restores Amputee Dexterity

Reuters - Innovations Video Online (Oct. 29, 2014) A Swedish amputee who became the first person to ever receive a brain controlled prosthetic arm is able to manipulate and handle delicate objects with an unprecedented level of dexterity. The device is connected directly to his bone, nerves and muscles, giving him the ability to control it with his thoughts. Matthew Stock reports. Video provided by Reuters
Powered by NewsLook.com
Robots Get Funky on the Dance Floor

Robots Get Funky on the Dance Floor

AP (Oct. 29, 2014) Dancing, spinning and fighting robots are showing off their agility at "Robocomp" in Krakow. (Oct. 29) Video provided by AP
Powered by NewsLook.com
IBM Taps Into Twitter's Data With New Partnership

IBM Taps Into Twitter's Data With New Partnership

Newsy (Oct. 29, 2014) The new partnership will allow IBM to access Twitter’s data and analytics to help IBM clients better understand their consumers. Video provided by Newsy
Powered by NewsLook.com
Google To Use Nanoparticles, Wearables To Detect Disease

Google To Use Nanoparticles, Wearables To Detect Disease

Newsy (Oct. 29, 2014) Google X wants to improve modern medicine with nanoparticles and a wearable device. It's all an attempt to tackle disease detection and prevention. Video provided by Newsy
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:

Breaking News:

Strange & Offbeat Stories


Space & Time

Matter & Energy

Computers & Math

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile: iPhone Android Web
Follow: Facebook Twitter Google+
Subscribe: RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins