In August 2004, an international conference on cryptography representing the highest academic level in the field of international cryptography was held in California, USA. A 38-year-old Chinese female professor, who did not carry any papers, was invited to the stage by Hhghes, the president of the conference and one of the world's top cryptographers. The original rule that "each person can only speak for two to three minutes" made an exception for her and gave her fifteen minutes.
These fifteen minutes of speech are enough to let the world know this female professor and let the world know China.
In the field of cryptography, the United States has been promoting MD5 passwords to the world, and has repeatedly claimed that no one can crack our MD5 passwords, and even the famous cryptographer Biham has made cracking MD5 passwords a lifelong dream.
No one expected that a native Chinese scholar would actually crack MD5, the international universal cipher standard that is impregnable in the hearts of cryptographers around the world. This native Chinese female professor is Wang Xiaoyun.
At the International Cryptography Conference, Wang Xiaoyun confidently read out the scientific research results of the international hash function cryptography algorithm cracking method, including MD5, HAVAL-128, MD4 and RIPEMD, four of which have a pivotal position in the world.
As long as you use the method Wang Xiaoyun said, it only takes more than an hour to use an ordinary computer to crack the international password standard MD5.
Upon hearing this news, the international cryptographers were thrilled, and when Wang Xiaoyun made a report on the spot, there was an unprecedented and incomparable warm applause. Such a young scholar, and a computer scientist trained by the Chinese education system, can achieve such remarkable results, which is the first case in the history of the world.
For the key analysis technology proposed by Wang Xiaoyun to crack the MD5 code, many top international cryptographers have given high praise. Her one-of-a-kind approach, using models to find collision routes, and explicit modification techniques to improve the probability of collisions, also helped herself a lot later.
After the conference, cryptographers around the world were trying to understand the methods used by Wang Xiaoyun, trying to crack the MD5 password or a more advanced password system again.
After the chinese experts announced the publication of the paper that cracked MD5, nearly 400 domestic and foreign websites have published, cited and commented on the results. At that time, many domestic netizens could also see reports on many news websites with the title of "algorithm security encryption function exposed flaws, and the cryptography community was in an uproar", which was a major event in the cryptography community.
So, what is this MD5 password that has attracted great attention from the international cryptography community? MD5 was developed in the early 1990s through MD2, MD3, and MD4. Know that there are no two identical fingerprints in the world. For many people, handprints or fingerprints become the only and safe sign of people's identity. The Hash algorithm (function) is like this, people use it to process electronic signatures, and theoretically can form a unique electronic file "fingerprint" - "digital fingerprint".
Ideally, the "digital handprint" generated by the Hash function, as long as the one digit on the original information is modified, will also lead to the final formation of the "digital handprint" is completely different from the original image.
It is no exaggeration to say that even if the computers of the world were concentrated in one place at that time, it was impossible to make two identical "digital handprints". Because of this, people are extremely convinced that the MD5 password designed using the Hash function is unbreakable, and the digital signature cannot be forged.
This is also why when Wang Xiaoyun reported at the meeting that he and his team had cracked the MD password, people would look so shocked and excited.
The MD5 password cracked by Wang Xiaoyun is one of the two most widely used cipher standards in the world. This was designed in 1991 by an internationally renowned cryptographer, the founder of the public key cryptography RSA, the winner of the Turing Award, and a professor at the Massachusetts Institute of Technology in the United States.
And most critically, because people were so trusted by the Hash function at that time that many countries around the world used the Hash function to protect digital security:
Whether it is logging into the office LAN, entering the security page, or entering the personal mailbox to send emails, it is inseparable from the Hash function to protect the user's password; the electronic signature system needs to use the Hash function to authenticate customers and messages sent by customers; the banking system also needs to use the Hash function to ensure the security of the website that bank users log in to when entering the credit card password; most legal documents, company financial information, etc. need hash functions as timestamps to ensure that the data will not be maliciously tampered with ......
At that time, many international cryptographers who listened to Wang Xiaoyun's report at the conference were still glad that Wang Xiaoyun had not cracked another cryptographic standard that is currently most widely used internationally, SHA-1 (also known as the "White House Cipher"),, designed by the National Institute of Standards and Technology (NIST) and the US National Security Agency.
In 2004, the post-conference summary of the International Cryptography Congress was still panicked: "What should we do?" MD5 has been hit hard, it will be obsolete soon, SHA-1 is still there, but we also see its end. ”
At that time, the United States was still clamoring: even if you have the ability to crack the MD5 password, you will certainly not be able to crack our SHA-1 password. Wang Xiaoyun smiled slightly when he heard about it: "Then I'll try it!" Then he and the team re-engaged in the calculations.
In February 2005, Wang Xiaoyun, Yu Hongbo, Yin Yiqun and others really completed the deciphering of SHA-1. Just a week ago, the National Institute of Standards and Technology (NIST) announced that no one could crack the SHA-1 password and didn't expect the punch to come so quickly.
On February 15, five of the world's top cryptographers introduced the results of the deciphering of the SHA-1 cipher to three Chinese researchers led by Wang Xiaoyun at the annual RSA conference held in Los Angeles, USA.
Everyone present was stunned, it was only a few months, and another set of password systems that we thought were indestructible were cracked by Chinese? How is this possible? In order to dispel everyone's doubts, the organizers specially asked Wang Xiaoyun to briefly explain the deciphering method of their team.
Wang Xiaoyun said: When we carried out deciphering work, we used the decoding technology of MD5 code to successfully solve an impossible difference problem in SHA-1 differential analysis - this is the difficulty and bottleneck of SHA-like algorithm analysis technology, and countless people who want to crack SHA-1 are "dead" at this step; they also successfully solved the plaintext conditions and plaintext modification technology that are difficult to determine to meet the collision route.
After the meeting, the news of SHA-1's deciphering spread around the world, and even the Wall Street Journal and Science magazine in the United States made special reports on the annual meeting and published a large page. The American "New Scientist" magazine also used the words "Crash! Crisis in Cryptography" as a title to illustrate Wang Xiaoyun's achievements.
Therefore, NIST had to announce: withdraw the MD5 password, gradually withdraw the SHA-1 password standard in 2010, continue to study longer and more secure Hash function algorithms to fill the vacancies, and even the famous Microsoft, SUM several well-known companies have also published their own countermeasures.
It can be said that Wang Xiaoyun single-handedly changed the US cryptography system. With this research result, Wang Xiaoyun entered the computer science department of any top university in North America, including Stanford University and Princeton University, and it is no problem to be a full professor. But how could Wang Xiaoyun go?
Isn't the SHA-1 cipher theoretically decipherable? Why is the United States so panicked? You know, in the cryptography world, if you can prove it with theory, it will happen one hundred percent.
For example, Wang Xiaoyun really calculated the bug of the MD5 password using a certain analysis method, this kind of cryptographic system also has defects, no country dares to use it, once the national property, national defense and security are leaked, the consequences are unimaginable, after all, once the electronic signature can be forged, it will bring huge security risks to the people and even the entire country.
Most importantly, cryptographers have really forged digital certificates that meet the X.509 standard according to the MD5 collision route provided by Wang Xiaoyun, which means that the deciphering of MD5 is not only a theoretical result, but really has the potential to lead to an actual attack. Although the SHA-1 password has not yet found an example of a collision, as long as you run a supercomputer for a few years, you will inevitably find an example of a collision.
It is no wonder that the United States is so furious that it has to withdraw the MD5 password and gradually withdraw the SHA-1 password.
Wang Xiaoyun and her team have made great contributions, publishing such major scientific research results and enhancing the voice of Chinese in the field of information security. When the international information security industry reformulates the encryption standard that replaces MD5, it needs to listen to the opinions of the mainland, otherwise the newly developed standard is likely to be insecure.
The reason is simple: mainland experts master the cracking method and know where the flaws of MD5 are. If we overcome these shortcomings and develop more perfect standards, and develop more secure core technologies on this standard, then we will reap huge benefits in the market.
This also provides an opportunity for Chinese enterprises to achieve this achievement, cooperate with relevant research institutions, develop next-generation security products, and improve the mainland's research and development capabilities and international competitiveness of information security products, which are crucial to the mainland's ability to improve intellectual property rights.
After the relevant research results are introduced to the market, they will achieve economic returns, which in turn can drive the development of scientific research economically. In today's information age, a small number of countries are vainly trying to use their technological superiority to engage in information hegemony, posing a threat to most countries, including China.
Wang Xiaoyun announced the cracking of MD5, announced to the world that China's cryptography research has made a major breakthrough, the mainland's cryptography research is moving towards a higher field, any country and enterprise should not ignore the research and development strength of Chinese scientists, Wang Xiaoyun's password cracking challenges the information hegemony of the United States, in line with the concept of active defense of information security.
Speaking of which, Americans should thank us! If an outlaw finds this bug, I am afraid that all the secrets of the United States will be clearly seen by the world on the world website.
After all, the MD5 algorithm, at home and abroad, especially the United States, is being widely used in the military, finance, government agencies, e-commerce and other fields, and no one has yet taken advantage of the defects of the MD5 algorithm to carry out illegal attacks.
Professor Wang Xiaoyun timely published this research result, leaving MD5 algorithm with enough time and space to safely unload its historical mission, that is, to avoid losses caused by the defects of MD5 algorithm on a global scale, and even catastrophic consequences, from this point of view, MD5 cracking has extraordinary practical significance.
Who is this Wang Xiaoyun? Which university did she graduate from, and which famous teacher taught her? However, what everyone can't imagine is that Wang Xiaoyun does not have any experience of studying and working abroad.
How did a person who had no foreign education and did not understand foreign passwords come up with ways to crack them? Many of the world's top cryptographers have spent decades not to do, and Wang Xiaoyun actually took less than twenty years to complete!
Wang Xiaoyun was born in August 1966 to a rural family in Zhucheng, Weifang City, Shandong Province. Under the influence of her father, she liked to study mathematical, physical and chemical problems from an early age. Her mother did not have much culture, but her open-minded and open-minded character influenced Wang Xiaoyun's life.
In 1983, Wang Xiaoyun was admitted to the Department of Mathematics of Shandong University, and in 1987, Wang Xiaoyun graduated from the Department of Mathematics of Shandong University. In 1990, Wang Xiaoyun followed Professor Pan Chengdong, a famous mathematician in mainland China, and began to study for a doctorate in mathematical theory and cryptography at Shandong University. You know, Professor Pan has never accepted a "female disciple" before, which shows how excellent Wang Xiaoyun's mathematical ability was at that time!
In 1993, Wang Xiaoyun stayed in Shandong To teach at a university, under the guidance of his mentor Professor Pan, he changed to "cryptography", and in the following years, Wang Xiaoyun made a number of breakthroughs, not only receiving funding for many projects, but also winning a ministerial science and technology progress award.
After that, Wang Xiaoyun became a professor, and began the journey of cracking the algorithm while taking graduate students - HAVAL-128 algorithm, RIPEMD algorithm, SHA-0 encryption algorithm.
In the 10 years of cracking a series of international cryptographic algorithms, including the MD5 code, Wang Xiaoyun not only raised his daughter, but also raised a room of flowers. In order to facilitate the care of the children, the couple spent all their savings, purchased laser printers, computers, scanners and other important tools, and built a simple studio at home.
Wang Xiaoyun said: "My scientific research inspiration is inspired by holding children, doing housework, and raising flowers. It is also funny to say that the code that the Americans shouted could not be cracked was cracked by Wang Xiaoyun when he was holding the child at home.
On September 16, 2006, the China Association for Science and Technology and the Qiushi Foundation presented awards at the opening ceremony of the annual meeting of the China Association for Science and Technology. Nobel laureate Professor Yang Zhenning also came to the podium specifically to give an award to one person, she is Wang Xiaoyun, a distinguished professor at Shandong University, that is, the person who punched the United States in the face at the international conference.
As early as 2004, due to Wang Xiaoyun's outstanding performance, Mr. Yang Zhenning and Yao Zhizhi jointly decided that Yao Zhizhi would invite Wang Xiaoyun to come to Tsinghua University to give an academic report, and later, Nie Huatong expressed to Wang Xiaoyun the idea that Yang Zhenning invited her to work at Tsinghua University.
Soon, the internationally renowned cryptographer Dobertine also issued an invitation to Wang Xiaoyun to work at the University of Bochum in Germany; later, when Yang Zhenning visited Shandong University, he proposed to the president of Shandong University as soon as he got off the plane: Invite Wang Xiaoyun to work at Tsinghua University. In 2005, Wang Xiaoyun was hired by Tsinghua University as Yang Zhenning Chair Professor.
From August 30 to September 1, 2016, in the beautiful Yinchuan, an important academic seminar in the Chinese cryptography community was underway. This academic seminar was jointly organized by the Professional Committee of Cryptography Theory of Cryptography of the Chinese Cryptographic Society, Tsinghua University and Ningxia University, and was called "2016 Academic Symposium of the Special Committee on Cryptography Theory of Cryptography of the Chinese Cryptographic Society".
Wang Xiaoyun presided over the opening ceremony of the Yinchuan Seminar, and Wang Xiaoyun and several others- Researcher Lin Dongdai, Researcher Wu Wenling and Professor Qi Wenfeng presided over the academic seminar, and a total of 8 domestic and foreign experts made special reports on hot issues in the field of cryptography.
The seminar was a great success! It provides a good academic exchange platform for many talents in the study of cryptography theory in the mainland, and the thinking of foreign experts collides at the conference, and also provides new ideas, new thinking and new ideas for the research of the theoretical of cryptography in the mainland, and at the same time enhances the understanding and friendship between the participants.
In 2017, Wang Xiaoyun, who was just over 50 years old, was elected as an academician of the Chinese Academy of Sciences, and two years later, the "Future Scientist" award was announced, and Wang Xiaoyun became the only female winner since the opening of the prize, and received a prize of 1 million US dollars, equivalent to 7.11 million yuan.
Wang Xiaoyun said that his lifelong dream is to build a good password defense system for the motherland with everyone, and with talents like Wang Xiaoyun, he can let the world's password run after China, make our country more secure in the invisible field, and make the people's happy life more secure.
The author believes that Wang Xiaoyun, who does not have any background in studying abroad or working overseas, can successfully decipher the top code of the United States, indicating that the mainland has such cutting-edge talents, and also shows that the mainland's national education system still has advantages in some aspects. The world is open, science is borderless, and while connecting with the world, our scientific and technological circles should combine specific national conditions to create a talent training system with their own characteristics.
bibliography:
Xinhua Daily Telegraph: Cryptographer Wang Xiaoyun: Ten years to crack the two major international codes MD5 and SHA-1
Guangming Daily: "Alternative" Wang Xiaoyun: She deciphers the code that has been difficult to solve for millions of years, but she loves to raise flowers and do housework