Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
Deepak Jain
deepak at ai.net
Fri Jan 2 21:16:20 UTC 2009
> ssl itself wasn't cracked they simply exploited the known vulnerable
> md5
> hashing. Another hashing method needs to be used.
The encryption algorithm wasn't hacked. Correct. Another hashing method
may help. Yup.
My problem is with the chain-of-trust and a lack of reasonable or reasonably reliable (pick)
ways of revoking certificates.
Deepak
More information about the NANOG
mailing list