Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
tme at multicasttech.com
Sun Jan 4 08:37:20 CST 2009
There is a discussion of this going on in CFRG.
On Jan 4, 2009, at 2:22 AM, Hank Nussbacher wrote:
> At 06:44 PM 03-01-09 +0100, Mikael Abrahamsson wrote:
>> On Sat, 3 Jan 2009, Hank Nussbacher wrote:
>>> You mean like for BGP neighbors? Wanna suggest an alternative? :-)
>> Well, most likely MD5 is better than the alterantive today which is
>> to run no authentication/encryption at all.
>> But we should push whoever is developing these standards to go for
>> SHA-1 or equivalent instead of MD5 in the longer term.
> Who is working on this? I don't find anything here:
> All I can find is:
> Nothing on replacing MD5 for BGP.
More information about the NANOG