[110374] in North American Network Operators' Group


Re: Security team successfully cracks SSL using 200 PS3's and MD5

daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Sun Jan 4 17:52:18 2009

To: Joe Greco <jgreco@ns.sol.net>
In-Reply-To: Your message of "Sun, 04 Jan 2009 15:58:34 CST."
	<200901042158.n04LwYgp048368@aurora.sol.net>
From: Valdis.Kletnieks@vt.edu
Date: Sun, 04 Jan 2009 17:52:10 -0500
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org


On Sun, 04 Jan 2009 15:58:34 CST, Joe Greco said:

> > Technically the only thing necessary to prevent
> > this attack has already been done, and that is to stop issuing certs
> > signed with MD5 so that no one else can create a rogue CA via this
> > means.
>
> Are we certain that existing certs cannot be subverted?

The attack depends on being able to jigger up *two* certs that have the
same MD5 hash. Therefore, attacking an existing cert would require either:

1) That the existing cert be one of a pair (in other words, somebody else
already knew about the current attack and also did it).

or

2) Somebody has found a way to cause a collision to a specified MD5 hash (which
is still impractical, AFAIK).

If anybody has a subvertible cert, it's pretty safe to guess that they *know*
they have such a cert, because they themselves *built* the cert that way.

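An added example, not part of Valdis's message or of anything posted in this thread, to make the collision-versus-second-preimage distinction above concrete. It uses the public MD5 collision pair published by Wang et al. (two distinct 128-byte inputs with one digest), a toy CA that "signs" the MD5 of a certificate body (an HMAC with a throwaway key standing in for RSA-MD5; both the CA and the certificate bodies are constructed for this example, not real X.509), and shows three things: the attacker can transplant the signature between the two bodies he built as a pair, any common suffix appended after the colliding blocks keeps the collision (which is why the rest of a certificate can be shared), and a signature over a body nobody built as a pair is of no use against the colliding pair unless a second preimage is found, which a bounded brute-force search illustrates is not going to happen.

```python
"""Added example: MD5 collision pair vs. second preimage on an existing cert.

Assumptions (constructed for this example, not from the thread):
  - the colliding pair is the public Wang et al. MD5 collision;
  - ca_sign/ca_verify are a toy CA (HMAC over the MD5 digest) standing in
    for the RSA-MD5 signatures real CAs issued in 2008;
  - certificate bodies are plain byte strings, not X.509 structures.
"""
from __future__ import annotations

import hashlib
import hmac
import os
from typing import Optional, Tuple

# Public MD5 collision (Wang et al.): two different 128-byte inputs, same digest.
COLLIDING_A = bytes.fromhex(
    "d131dd02c5e6eec4693d9a0698aff95c2fcab58712467eab4004583eb8fb7f89"
    "55ad340609f4b30283e488832571415a085125e8f7cdc99fd91dbdf280373c5b"
    "d8823e3156348f5bae6dacd436c919c6dd53e2b487da03fd02396306d248cda0"
    "e99f33420f577ee8ce54b67080a80d1ec69821bcb6a8839396f9652b6ff72a70")
COLLIDING_B = bytes.fromhex(
    "d131dd02c5e6eec4693d9a0698aff95c2fcab50712467eab4004583eb8fb7f89"
    "55ad340609f4b30283e4888325f1415a085125e8f7cdc99fd91dbd7280373c5b"
    "d8823e3156348f5bae6dacd436c919c6dd53e23487da03fd02396306d248cda0"
    "e99f33420f577ee8ce54b67080280d1ec69821bcb6a8839396f965ab6ff72a70")


def md5_hex(data: bytes) -> str:
    """Hex MD5 of data."""
    return hashlib.md5(data).hexdigest()


def collides(a: bytes, b: bytes) -> bool:
    """True when a and b are distinct inputs with the same MD5 digest."""
    return a != b and md5_hex(a) == md5_hex(b)


# Toy CA (assumption): signs the MD5 digest of the to-be-signed body.
# The key is generated per process and never leaves it.
_CA_KEY = os.urandom(32)


def ca_sign(tbs: bytes) -> bytes:
    """Sign the MD5 digest of tbs; only the digest enters the 'signature'."""
    return hmac.new(_CA_KEY, hashlib.md5(tbs).digest(), "sha256").digest()


def ca_verify(tbs: bytes, sig: bytes) -> bool:
    """Verify sig against the MD5 digest of tbs."""
    return hmac.compare_digest(ca_sign(tbs), sig)


def build_pair(shared_suffix: bytes) -> Tuple[bytes, bytes]:
    """Two bodies the attacker builds together as a pair.

    MD5 is Merkle-Damgard and the colliding blocks are exactly two 64-byte
    blocks, so the internal state after them is identical for A and B; any
    common suffix therefore keeps the collision. In the 2008 rogue-CA cert
    the colliding blocks sat inside the certificate body and everything
    after them was shared between the benign and the rogue certificate.
    """
    return COLLIDING_A + shared_suffix, COLLIDING_B + shared_suffix


def signature_transplants(shared_suffix: bytes) -> bool:
    """Attacker has cert A signed, then presents cert B with A's signature."""
    cert_a, cert_b = build_pair(shared_suffix)
    sig = ca_sign(cert_a)
    return cert_a != cert_b and ca_verify(cert_b, sig)


def signature_reusable_on_existing(existing_tbs: bytes) -> bool:
    """The other direction: a body nobody built as one of a pair.

    Its signature covers its own MD5; the colliding pair has a different
    digest, so the signature does not carry over. Reusing it would need a
    second preimage for md5(existing_tbs), not a collision.
    """
    sig = ca_sign(existing_tbs)
    return ca_verify(COLLIDING_A, sig) or ca_verify(COLLIDING_B, sig)


def second_preimage_search(target_tbs: bytes, budget: int) -> Optional[bytes]:
    """Bounded brute-force second-preimage attempt with random candidates.

    Expected work for a 128-bit digest is about 2**128 trials; the budget
    here only illustrates that no cheap shortcut exists. Returns the
    colliding candidate if one is found, else None.
    """
    goal = md5_hex(target_tbs)
    for _ in range(budget):
        cand = os.urandom(len(target_tbs))
        if cand != target_tbs and md5_hex(cand) == goal:
            return cand
    return None


if __name__ == "__main__":
    suffix = b"shared tail: constructed cert fields, CA:TRUE, etc."  # constructed
    print("pair collides:", collides(COLLIDING_A, COLLIDING_B))
    print("signature transplants within the pair:", signature_transplants(suffix))
    honest = b"honest cert body, never built as one of a pair"  # constructed
    print("pair signature reusable on honest cert:",
          signature_reusable_on_existing(honest))
    print("second preimage found in 2000 tries:",
          second_preimage_search(honest, 2000) is not None)
```

The shared-suffix step is the part worth dwelling on: the collision only has to be achieved once, inside the blocks the attacker controls, and the Merkle-Damgard construction extends it over the rest of the certificate for free. The real 2008 attack used a chosen-prefix collision so that the two bodies could also differ in the fields before the colliding blocks; this identical-prefix pair can only differ inside the blocks, but the signature-transplant mechanics are the same.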

