Security team successfully cracks SSL using 200 PS3's and MD5

William Warren hescominsoon at emmanuelcomputerconsulting.com
Sat Jan 3 08:35:06 CST 2009


Dragos Ruiu wrote:
>
> On 2-Jan-09, at 9:56 AM, Robert Mathews (OSIA) wrote:
>
>> Joe Greco wrote:
>>> [ ....  ]
>>>
>>> Either we take the potential for transparent MitM attacks seriously, or
>>> we do not.  I'm sure the NSA would prefer "not."  :-)
>>>
>>> As for the points raised in your message, yes, there are additional
>>> problems with clients that have not taken this seriously.  It is, 
>>> however,
>>> one thing to have locks on your door that you do not lock, and another
>>> thing entirely not to have locks (and therefore completely lack the
>>> ability to lock).  I hope that there is some serious thought going 
>>> on in
>>> the browser groups about this sort of issue.
>>>
>>> [ ... ]
>>>
>>> ... JG
>>
>> F Y I, see:
>>
>> SSL Blacklist 4.0 - for a Firefox extension able to detect 'bad'
>> certificates @
>> http://www.codefromthe70s.org/sslblacklist.aspx
>>
>> Best.
>
> Snort rule to detect said...
>
> url: http://vrt-sourcefire.blogspot.com/2009/01/md5-actually-harmful.html
>
> alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"POLICY Weak 
> SSL OSCP response -- MD5 usage"; content:"content-type: 
> application/ocsp-response"; content:"2A 86 48 86 F7 0D 01 01 05"; 
> metadata: policy security-ips drop, service http; reference: url, 
> www.win.tue.nl/hashclash/rogue-ca/; classtype: policy-violation; 
> sid:1000001;)
>
> cheers,
> --dr
>
> -- 
> World Security Pros. Cutting Edge Training, Tools, and Techniques
> Vancouver, Canada  March 16-20 2009  http://cansecwest.com
> London, U.K. May 27/28 2009 http://eusecwest.com
> pgpkey http://dragos.com/ kyxpgp
>
>
>
Everyone seems to be stampeding to SHA-1..yet it was broken in 2005.  So 
we trade MD5 for SHA-1?  This makes no sense.




More information about the NANOG mailing list