nanog mailing list archives
Re: Security team successfully cracks SSL using 200 PS3's and MD5
From: "Steven M. Bellovin" <smb () cs columbia edu>
Date: Sat, 3 Jan 2009 10:49:04 -0500
On Sat, 03 Jan 2009 09:35:06 -0500 William Warren <hescominsoon () emmanuelcomputerconsulting com> wrote:
Everyone seems to be stampeding to SHA-1..yet it was broken in 2005. So we trade MD5 for SHA-1? This makes no sense.
(a) SHA-1 was not broken as badly. The best attack is, as I recall, 2^63, which is computationally infeasible without special-purpose hardware. (b) Per a paper Eric Rescorla and I wrote, there's no usable alternative, since too many protocols (including TLS) don't negotiate hash functions before presenting certificates. In particular, this means that a web site can't use SHA-256 because (1) most clients won't support it; and (2) it can't tell which ones do. (Note that this argument applies just as much to combinations of hash functions -- anything that *the large majority of today's* browsers don't implement isn't usable.) These two points lead us to (c): security is a matter of economics, not algorithms. Switching now to something else loses more in connectivity or customers than you would lose from such an expensive attack. --Steve Bellovin, http://www.cs.columbia.edu/~smb
Current thread:
- Re: Security team successfully cracks SSL using 200 PS3's and MD5, (continued)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Mark Andrews (Jan 05)
- RE: Security team successfully cracks SSL using 200 PS3's and MD5 Stasiniewicz, Adam (Jan 02)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Robert Mathews (OSIA) (Jan 02)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Dragos Ruiu (Jan 02)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Gadi Evron (Jan 02)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Dragos Ruiu (Jan 02)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Christopher Morrow (Jan 02)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 William Warren (Jan 03)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Dorn Hetzel (Jan 03)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Marshall Eubanks (Jan 03)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Steven M. Bellovin (Jan 03)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Christopher Morrow (Jan 03)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Steven M. Bellovin (Jan 03)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Nick Hilliard (Jan 03)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Florian Weimer (Jan 03)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Christopher Morrow (Jan 03)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Florian Weimer (Jan 02)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Joe Greco (Jan 02)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Neil (Jan 02)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Etaoin Shrdlu (Jan 02)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Joe Greco (Jan 02)