nanog mailing list archives

RE: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.

From: Deepak Jain <deepak () ai net>
Date: Fri, 2 Jan 2009 16:16:20 -0500

ssl itself wasn't cracked they simply exploited the known vulnerable
md5
hashing.  Another hashing method needs to be used.


The encryption algorithm wasn't hacked. Correct. Another hashing method 
may help. Yup. 

My problem is with the chain-of-trust and a lack of reasonable or reasonably reliable (pick) 
ways of revoking certificates. 

Deepak

Current thread:

Re: Security team successfully cracks SSL using 200 PS3's and MD5, (continued)
- - - Re: Security team successfully cracks SSL using 200 PS3's and MD5 Florian Weimer (Jan 03)
    - Re: Security team successfully cracks SSL using 200 PS3's and MD5 Joe Greco (Jan 04)
    - Re: Security team successfully cracks SSL using 200 PS3's and MD5 Brian Keefer (Jan 04)
    - Re: Security team successfully cracks SSL using 200 PS3's and MD5 Joe Greco (Jan 04)
    - Re: Security team successfully cracks SSL using 200 PS3's and MD5 Valdis . Kletnieks (Jan 04)
    - Re: Security team successfully cracks SSL using 200 PS3's and MD5 Florian Weimer (Jan 03)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 flaw. Joe Abley (Jan 02)
  - Re: Security team successfully cracks SSL using 200 PS3's and MD5 flaw. Martin List-Petersen (Jan 02)
  - Re: Security team successfully cracks SSL using 200 PS3's and MD5 flaw. Gadi Evron (Jan 02)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 flaw. William Warren (Jan 02)
  - RE: Security team successfully cracks SSL using 200 PS3's and MD5 flaw. Deepak Jain (Jan 02)