[110308] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

RE: Security team successfully cracks SSL using 200 PS3's and MD5

daemon@ATHENA.MIT.EDU (Deepak Jain)
Fri Jan 2 16:16:40 2009

From: Deepak Jain <deepak@ai.net>
To: William Warren <hescominsoon@emmanuelcomputerconsulting.com>,
	"nanog@nanog.org" <nanog@nanog.org>
Date: Fri, 2 Jan 2009 16:16:20 -0500
In-Reply-To: <495E828C.3030205@emmanuelcomputerconsulting.com>
Errors-To: nanog-bounces@nanog.org

> ssl itself wasn't cracked they simply exploited the known vulnerable
> md5
> hashing.  Another hashing method needs to be used.

The encryption algorithm wasn't hacked. Correct. Another hashing method=20
may help. Yup.=20

My problem is with the chain-of-trust and a lack of reasonable or reasonabl=
y reliable (pick)=20
ways of revoking certificates.=20

Deepak


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[110308] in North American Network Operators' Group

RE: Security team successfully cracks SSL using 200 PS3's and MD5

daemon@ATHENA.MIT.EDU (Deepak Jain)Fri Jan 2 16:16:40 2009

daemon@ATHENA.MIT.EDU (Deepak Jain)
Fri Jan 2 16:16:40 2009