[110307] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

RE: Security team successfully cracks SSL using 200 PS3's and MD5

daemon@ATHENA.MIT.EDU (Deepak Jain)
Fri Jan 2 16:14:10 2009

From: Deepak Jain <deepak@ai.net>
To: "Steven M. Bellovin" <smb@cs.columbia.edu>
Date: Fri, 2 Jan 2009 16:13:45 -0500
In-Reply-To: <20090102155812.1cc85ee6@cs.columbia.edu>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org

> If done properly, that's actually an easier task: you build the update
> key into the browser.  When it pulls in an update, it verifies that it
> was signed with the proper key.
>=20

If you build it into the browser, how do you revoke it when someone throws =
2000 PS3s to crack it, or your hash, or your [pick algorithmic mistake here=
].

Deepak


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[110307] in North American Network Operators' Group

RE: Security team successfully cracks SSL using 200 PS3's and MD5

daemon@ATHENA.MIT.EDU (Deepak Jain)Fri Jan 2 16:14:10 2009

daemon@ATHENA.MIT.EDU (Deepak Jain)
Fri Jan 2 16:14:10 2009