Counter-Cryptanalysis: detecting forged digital MD5, SHA-1 signatures

The Counter-Cryptanalysis project provides a drop-in replacement for the existing cryptographic hash functions MD5 and SHA-1. These algorithms have been the two largest industry standards for two decades, but their security has been broken since 2004 and 2005, respectively. The Counter-Cryptanalysis replacement functions were developed by the Cryptology group to detect forged digital signatures based on these two algorithms, that way providing protection against these attacks and allowing the safe continued use of MD5 and SHA-1.

The Counter-Cryptanalysis functions can be incorporated in software containing cryptographic components for digital signatures, particularly web browsers. The library is currently used by Microsoft, Fox-IT, Amazon, and other members of the CA/Browser Forum.