[110323] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

RE: Security team successfully cracks SSL using 200 PS3's and MD5

daemon@ATHENA.MIT.EDU (Deepak Jain)
Fri Jan 2 18:26:54 2009

From: Deepak Jain <deepak@ai.net>
To: "Steven M. Bellovin" <smb@cs.columbia.edu>
Date: Fri, 2 Jan 2009 18:26:33 -0500
In-Reply-To: <20090102174556.15b088e9@cs.columbia.edu>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org

> If you use bad crypto, you lose no matter what.  If you use good
> crypto, 2,000,000,000 PS3s won't do the job.
>=20

Even if you use good crypto, and someone steals your key (say, a previously=
 in-access person) you need a way to reliably, completely, revoke it. This =
has been a problem with SSL since its
[implementation] inception. Lots of math (crypto) is good on paper and fail=
s at the implementation stage.

Deepak


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[110323] in North American Network Operators' Group

RE: Security team successfully cracks SSL using 200 PS3's and MD5

daemon@ATHENA.MIT.EDU (Deepak Jain)Fri Jan 2 18:26:54 2009

daemon@ATHENA.MIT.EDU (Deepak Jain)
Fri Jan 2 18:26:54 2009