Vlastimil Klíma

Vlastimil Klíma (born 19 February 1957 in Benešov) is a cryptographer, computer security expert, white hat hacker and court expert in the field of computer technology.

Klíma received his doctorate from the Faculty of Mathematics and Physics at Charles University in 1984.

As an academic, he taught Applied Cryptography at the Faculty of Mathematics and Physics at Charles University in Prague.

Klíma is the former Head of the research and development group at the Federal Ministry of Defense of the Czech Republic and the Czech National Security Authority.

In 2002, Vlastimil Klíma and Tomáš Rosa identified a significant vulnerability in the OpenPGP format regarding the protection of private signature keys. Their research showed that the encrypted private key material carried no integrity protection, so an attacker with write access to the key file could alter the stored key parameters undetected and then recover the private key from a signature the victim produced with the altered key. [1] This eventually led to improvements in how PGP-compatible programs store and integrity-check private keys.
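The following is an added illustration of the general principle, not a reproduction of the Klíma–Rosa attack or of any OpenPGP implementation: a CRT-RSA private key held in a store with no integrity check, an attacker who flips one bit of the stored prime, and a signature computed with the corrupted key that leaks the factorization through a gcd (the Bellcore-style fault recovery). The primes, exponent and message are constructed toy values so the script runs offline in milliseconds; the key layout (`p`, `q`, `dp`, `dq`, `qinv`) is the PKCS#1 CRT form, chosen here for clarity rather than taken from the OpenPGP packet format.

```python
"""Toy demonstration: an unprotected CRT-RSA private key store lets an attacker
recover the factorization from a single signature made with a tampered key.
Added example; constructed values, not a real key."""
import hashlib
from math import gcd

# Constructed toy key: small well-known primes so everything is instant.
# Real keys use 1024-bit primes; the arithmetic below is identical.
P = 1000000007
Q = 998244353
E = 65537


def make_private_key(p, q, e):
    """Return the CRT representation a signer typically stores (PKCS#1 layout)."""
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)
    return {"n": p * q, "p": p, "q": q,
            "dp": d % (p - 1), "dq": d % (q - 1), "qinv": pow(q, -1, p)}


def crt_sign(key, m):
    """Textbook CRT signing with Garner recombination; m is an integer < n."""
    sp = pow(m, key["dp"], key["p"])
    sq = pow(m, key["dq"], key["q"])
    t = ((sp - sq) * key["qinv"]) % key["p"]
    # Whatever happens mod p, the result is always congruent to sq mod q.
    return sq + key["q"] * t


def digest_int(msg, n):
    """Stand-in for the hash-and-encode step; keeps the example dependency-free."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n


def tamper(key):
    """Attacker's step: flip one bit of the stored prime p.
    With no integrity check on the key store, nothing notices the change."""
    bad = dict(key)
    bad["p"] ^= 1 << 5
    return bad


def recover_factor(n, e, m, faulty_sig):
    """The faulty signature is still correct mod q (see crt_sign), so
    s^e - m is divisible by q but not by p: gcd with n yields q."""
    return gcd((pow(faulty_sig, e, n) - m) % n, n)


def verify(n, e, m, sig):
    """Public-key check a careful signer should run before releasing a signature."""
    return pow(sig, e, n) == m


def demo(message=b"constructed message"):
    """Run the whole scenario; returns (recovered factor, faulty signature verifies?)."""
    key = make_private_key(P, Q, E)
    n = key["n"]
    m = digest_int(message, n)
    assert verify(n, E, m, crt_sign(key, m))      # honest signature verifies
    faulty = crt_sign(tamper(key), m)               # victim signs with corrupted key
    factor = recover_factor(n, E, m, faulty)
    return factor, verify(n, E, m, faulty)


if __name__ == "__main__":
    factor, ok = demo()
    print("faulty signature verifies:", ok)
    print("recovered factor:", factor, "is a prime of n:", factor in (P, Q))
```

Two defenses follow directly from the code: the signer can run `verify` before releasing any signature and refuse to output one that fails, which stops this variant, and the key store can authenticate the plaintext key material (an authenticated cipher or a keyed hash over the decrypted parameters) so that `tamper` is detected before signing. The second is the kind of change referred to above; the first is cheap insurance against any fault in the CRT path, not only a corrupted file.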

In 2003, Klíma, Pokorný, and Rosa presented an adaptive chosen-ciphertext attack on RSA-based SSL/TLS sessions, often referred to as the "KPR attack".[2] It turns the server's check of the protocol version bytes inside the decrypted premaster secret into a side channel, reviving a Bleichenbacher-style padding-oracle attack against servers that had already deployed the usual countermeasure of substituting a random premaster secret on bad padding.[3] As a result, later TLS specifications recommend that a version mismatch be handled exactly like a padding error, so that neither case is observable to the client.

In 2005, Klíma [4] showed how to find collisions in the widely used MD5 hash function on an ordinary notebook computer (about eight hours on a 1.6 GHz machine) [5].

In 2006, Vlastimil Klíma [6] introduced the "tunnels" method, which reduced the time required to find MD5 collisions to under one minute on a standard notebook computer. Practical MD5 collisions of this kind were among the results that prompted NIST to launch the competition for a new hash standard, SHA-3.

With other researchers (Norwegian University of Science and Technology; Charles University, Czech Republic) he co-designed two candidates submitted to NIST's SHA-3 competition: Blue Midnight Wish [7], which advanced to the second round, and EDON-R [8].

The design of the SHA-3 standard was influenced by the analysis of generic attacks on "narrow-pipe" hash functions, whose internal chaining state is no wider than the final digest. Research by Vlastimil Klíma and Danilo Gligoroski argued that such functions can be vulnerable to collision attacks with complexity below the birthday bound. [9] This reinforced the security arguments for "wide-pipe" and sponge constructions such as Keccak, the eventual SHA-3 winner.

In 2006, Klíma received a security clearance at the TOP SECRET level from the Czech National Security Authority (NBÚ). He then worked on several cryptographic projects and devices for the protection of classified information, most recently in 2024 for the National Cyber and Information Security Agency of the Czech Republic.

In 2011 he was appointed by the Minister of Justice as a court expert in the field of computer technology and worked for the Police of the Czech Republic and the Czech judiciary until 2020. After retiring in 2020, he spent several years in an unsuccessful attempt to decipher the Voynich Manuscript.

He is known in the Czech Republic as a popularizer of cryptography and cryptanalysis. He has written over 200 articles on the subject and has spoken at numerous domestic and international security conferences.

A more detailed list of his publications is provided on his personal website.

References

  1. ^ Klima, Vlastimil; Rosa, Tomas (11 June 2002). "Attack on Private Signature Keys of the OpenPGP format, PGP (TM) Programs and Other Applications Compatible with OpenPGP". Cryptology ePrint Archive. Report 2002/076. International Association for Cryptologic Research. Retrieved 14 February 2026. The paper describes a vulnerability in the OpenPGP format that allows an attacker to manipulate private key files and potentially recover sensitive information or forge signatures.
  2. ^ Klíma, Vlastimil; Pokorný, Ondřej; Rosa, Tomáš (2003). "Attacking RSA-based Sessions in SSL/TLS". Cryptographic Hardware and Embedded Systems – CHES 2003. Lecture Notes in Computer Science. 2779. Springer: 426–440.
  3. ^ Wagner, David (18 March 2003). "Brumley & Boneh timing attack on OpenSSL". Cryptography Mailing List. Retrieved 20 May 2024. But then, the recent Klima-Pokorny-Rosa paper shows how even just a tiny crack can lead to subtle, totally unexpected attacks. Who would have thought that SSL's version rollback check (two bytes in the input to the modular exponentiation) could enable such a devastating attack? Not me.
  4. ^ Klima, Vlastimil (5 March 2005). "Finding MD5 Collisions – a Toy For a Notebook". Cryptology ePrint Archive. Report 2005/075. International Association for Cryptologic Research. Retrieved 14 February 2026.
  5. ^ P. Hoffman; B. Schneier (November 2005). Attacks on Cryptographic Hashes in Internet Protocols (Report). RFC 4270. IETF. Retrieved 14 February 2026. In early 2005... Vlastimil Klima showed a faster method for finding MD5 collisions (eight hours on a 1.6-GHz computer). These results show that the attacks against MD5 are practical on any modern computer.
  6. ^ Klíma, Vlastimil (18 March 2006). "Tunnels in Hash Functions: MD5 Collisions Within a Minute". Cryptology ePrint Archive. Report 2006/105. Retrieved 14 February 2026.
  7. ^ Gligoroski, Danilo; Knapskog, Svein J.; El-Hadedy, Mohamed; Amundsen, Jorn; Mjolsnes, Stig F. (15 September 2009). "Cryptographic Hash Function Blue Midnight Wish" (PDF). First SHA-3 Candidate Conference. NIST. Retrieved 14 February 2026.
  8. ^ Klima, Vlastimil; Gligoroski, Danilo; Odegard, Rune Steinsmo; Mihova, Marija; Knapskog, Svein Johan; Kocarev, Ljupco; Drápal, Aleš (12 January 2009). "Cryptographic Hash Function EDON-R" (PDF). First SHA-3 Candidate Conference. NIST. Retrieved 14 February 2026.
  9. ^ Klima, Vlastimil; Gligoroski, Danilo (16 August 2010). "Generic collision attacks on narrow-pipe hash functions faster than birthday paradox, applicable to MDx, SHA-1, SHA-2, and SHA-3 narrow-pipe candidates". Cryptology ePrint Archive. Report 2010/430. International Association for Cryptologic Research. Retrieved 14 February 2026. This work demonstrates that for narrow-pipe hash functions, collisions can be found with a complexity lower than the bound set by the birthday paradox.