Security team successfully cracks SSL using 200 PS3's and MD5 flaw.

Mikael Abrahamsson swmike at swm.pp.se
Sat Jan 3 17:44:29 UTC 2009


On Sat, 3 Jan 2009, Hank Nussbacher wrote:

> You mean like for BGP neighbors?  Wanna suggest an alternative? :-)

Well, most likely MD5 is better than the alterantive today which is to run 
no authentication/encryption at all.

But we should push whoever is developing these standards to go for SHA-1 
or equivalent instead of MD5 in the longer term.

-- 
Mikael Abrahamsson    email: swmike at swm.pp.se




More information about the NANOG mailing list