Security team successfully cracks SSL using 200 PS3's and MD5

Fri Jan 2 23:29:56 UTC 2009

> * Joe Greco:
> > It seems that part of the proposed solution is to get people to move from
> > MD5-signed to SHA1-signed.  There will be a certain amount of resistance.
> > What I was suggesting was the use of the revocation mechanism as part of
> > the "stick" (think carrot-and-stick) in a campaign to replace MD5-based
> > certs.  If there is a credible threat to MD5-signed certs, then forcing
> > their retirement would seem to be a reasonable reaction, but everyone here
> > knows how successful "voluntary" conversion strategies typically are.
> 
> A CA statement that they won't issue MD5-signed certificates in the
> future should be sufficient.  There's no need to reissue old
> certificates, unless the CA thinks other customers have attacked it.

That would seem to be at odds with what the people who documented this 
problem believe.

> > Either we take the potential for transparent MitM attacks seriously, or 
> > we do not.  I'm sure the NSA would prefer "not."  :-)
> 
> I doubt the NSA is interested in MITM attacks which can be spotted by
> comparing key material. 8-)

Doubting that the NSA might be interested in any given technique is, of
course, good for the NSA.  Our national security people have been known
to use imperfect interception technologies when it suits the task at hand.
Do people here really so quickly forget things?  There was a talk on
Carnivore given in 2000 at NANOG 20, IIRC, and I believe that one of the
instigating causes of that talk was problems that Earthlink had experienced
when the FBI had deployed Carnivore there.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.