Vlastimil Klíma

Vlastimil Klíma (born 19 February 1957 in Benešov) is a cryptographer, computer security expert, white hat hacker and court expert in the field of computer technology.

Klíma received his doctorate from the Faculty of Mathematics and Physics at Charles University in 1984.

As an academic, he taught Applied Cryptography at the Faculty of Mathematics and Physics at Charles University in Prague.

Klíma is the former Head of the research and development group at the Federal Ministry of Defense of the Czech Republic and the Czech National Security Authority.

In 2002, Vlastimil Klíma and Tomáš Rosa identified a significant vulnerability in the OpenPGP format regarding the protection of private signature keys. Their research showed that a lack of integrity protection on the private key structure could be exploited by an attacker. This eventually led to improvements in how PGP-compatible programs handle private key storage.

In 2003, ethical hackers Klíma, Pokorný, and Rosa presented a sophisticated side-channel attack on SSL/TLS, often referred to as the "KPR attack". This had a major impact on strengthening the security of Internet communications.

In 2005 Klíma showed how to find collisions in the popular MD5 hash function on a laptop .

In 2006, Vlastimil Klíma introduced the "Tunnels" method, which reduced the time required to find collisions in the MD5 hash function to under one minute on a standard notebook computer. It accelerated the design of the new hashing standard SHA-3.

With other academicians (Norwegian University of Science and Technology, Charles University, Czech Republic) he proposed two of 15 candidates of the world´s SHA-3 hash standard (Blue Midnight Wish , EDON-R ).

The design of the SHA-3 standard was influenced by the discovery of generic attacks on "narrow-pipe" hash functions. Research by Vlastimil Klíma and Danilo Gligoroski demonstrated that such functions could be vulnerable to collision attacks with a complexity lower than that of the birthday paradox. This reinforced the security arguments for the "wide-pipe" or "sponge" constructions like Keccak.

In 2006, Klíma received a security clearance from the Czech NSA to the level of TOP SECRET. He then worked on several cryptographic projects and devices for the protection of classified information, most recently in 2024 for the National Cyber and Information Security Agency of the Czech Republic.

In 2011 he was appointed by the Minister of Justice as a court expert in the field of computer technology and worked for the Police of the Czech Republic and the Czech judiciary until 2020. When he retired in 2020, he spent several years unsuccessfully trying to decipher the Voynich Manuscript.

He is known in the Czech Republic as a popularizer of cryptography and cryptanalysis. He has written over 200 articles on the subject and has spoken at numerous domestic and international security conferences.

A more detailed list of his publications is provided on his personal website. Provided by Wikipedia