Security team successfully cracks SSL using 200 PS3's and MD5 flaw.

Deepak Jain deepak at ai.net
Fri Jan 2 17:26:33 CST 2009


> If you use bad crypto, you lose no matter what.  If you use good
> crypto, 2,000,000,000 PS3s won't do the job.
> 

Even if you use good crypto, and someone steals your key (say, a previously in-access person) you need a way to reliably, completely, revoke it. This has been a problem with SSL since its
[implementation] inception. Lots of math (crypto) is good on paper and fails at the implementation stage.

Deepak




More information about the NANOG mailing list