Security team successfully cracks SSL using 200 PS3's and MD5
Valdis.Kletnieks at vt.edu
Sun Jan 4 22:52:10 UTC 2009
On Sun, 04 Jan 2009 15:58:34 CST, Joe Greco said:
> > Technically the only thing necessary to prevent
> > this attack has already been done, and that is to stop issuing certs
> > signed with MD5 so that no one else can create a rogue CA via this
> > means.
>
> Are we certain that existing certs cannot be subverted?
The attack depends on being able to jigger up *two* certs that have the
same MD5 hash. Therefore, attacking an existing cert would require either:
1) That the existing cert be one of a pair (in other words, somebody else
already knew about the current attack and also did it).
or
2) Somebody has found a way to cause a collision to a specified MD5 hash (which
is still impractical, AFAIK).
If anybody has a subvertible cert, it's pretty safe to guess that they *know*
they have such a cert, because they themselves *built* the cert that way.
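The mitigation named in the quoted text, stop issuing (and stop trusting) certs signed with MD5, is easy to check for on the defender's side. Here is an added example, not from the thread or any project, of a stdlib-only Python check that reads the outer signatureAlgorithm OID of a DER-encoded certificate and flags md5WithRSAEncryption; the small DER helpers and the stand-in certificate they build are constructed for the demo, and the parser assumes well-formed DER with definite lengths.

```python
# Signature-algorithm OIDs (real values); only the MD5 one is the concern here.
MD5_SIG_OIDS = {"1.2.840.113549.1.1.4": "md5WithRSAEncryption"}
SHA256_RSA = "1.2.840.113549.1.1.11"  # used for the "good" sample cert

def der_len(n):
    # DER length: short form below 0x80, otherwise 0x8N followed by N bytes
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b

def tlv(tag, body):
    return bytes([tag]) + der_len(len(body)) + body

def encode_oid(dotted):
    arcs = [int(x) for x in dotted.split(".")]
    out = [40 * arcs[0] + arcs[1]]          # first two arcs share one byte
    for a in arcs[2:]:
        chunk = [a & 0x7F]
        a >>= 7
        while a:                             # base-128, high bit = "more follows"
            chunk.append(0x80 | (a & 0x7F))
            a >>= 7
        out += reversed(chunk)
    return tlv(0x06, bytes(out))

def read_tlv(buf, pos):
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                        # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def decode_oid(body):
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def signature_algorithm(cert_der):
    # Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }
    _, cert, _ = read_tlv(cert_der, 0)
    _, _tbs, pos = read_tlv(cert, 0)          # skip tbsCertificate
    _, algid, _ = read_tlv(cert, pos)         # AlgorithmIdentifier SEQUENCE
    _, oid, _ = read_tlv(algid, 0)            # its first element is the OID
    return decode_oid(oid)

def uses_md5(cert_der):
    return signature_algorithm(cert_der) in MD5_SIG_OIDS

def build_cert(sig_oid):
    # Constructed stand-in: placeholder tbsCertificate and empty signature;
    # only the outer layout matches a real X.509 certificate.
    tbs = tlv(0x30, tlv(0x02, b"\x01"))
    alg = tlv(0x30, encode_oid(sig_oid) + b"\x05\x00")   # OID + NULL params
    return tlv(0x30, tbs + alg + tlv(0x03, b"\x00"))
```

A real certificate can be fed in as the DER bytes returned by `ssl.SSLSocket.getpeercert(binary_form=True)` or `ssl.PEM_cert_to_DER_cert()`; a full chain check would apply `uses_md5` to every certificate in the chain, not just the leaf.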