[16992] in cryptography@c2.net mail archive
Colliding X.509 Certificates
daemon@ATHENA.MIT.EDU (Weger, B.M.M. de)
Thu Mar 3 19:14:01 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Tue, 1 Mar 2005 20:21:37 +0100
From: "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl>
To: <cryptography@metzdowd.com>
Hi all,
We announce the construction of two different valid X.509 certificates
that have identical signatures. This is based on MD5 collisions.
One could e.g. construct the to-be-signed parts of the certificates,
and get the one certificate signed by a CA. Then a valid signature for=20
the other certificate is obtained, while the CA has not seen proof of=20
possession of the private key of this second certificate.=20
The certificates we constructed can be downloaded from
http://www.win.tue.nl/~bdeweger/CollidingCertificates/.
>From this site some more technical information can be downloaded as
well.
We provide a short paper explaining in detail our method.
It is available on the website, and on the Cryptology ePrint Archive,
at http://eprint.iacr.org/2005/067.
This is joint work with Arjen Lenstra (Lucent Bell Labs and TU
Eindhoven)
and Xiaoyun Wang (Shandong University).
Grtz,
Benne de Weger
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=20
Technische Universiteit Eindhoven=20
Coding & Crypto Groep=20
Faculteit Wiskunde en Informatica=20
Den Dolech 2=20
Postbus 513=20
5600 MB Eindhoven=20
e-mail: b@m@m@d@weger.tue@nl=20
www: http://www.win.tue.nl/~bdeweger=20
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=20
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com