nanog mailing list archives
Re: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
From: William Warren <hescominsoon () emmanuelcomputerconsulting com>
Date: Fri, 02 Jan 2009 16:09:32 -0500
Rodrick Brown wrote:
ssl itself wasn't cracked they simply exploited the known vulnerable md5 hashing. Another hashing method needs to be used.A team of security researchers and academics has broken a core piece of Internet technology. They made their work public at the 25th Chaos Communication Congress in Berlin today. The team was able to create a rogue certificate authority and use it to issue valid SSL certificates for any site they want. The user would have no indication that their HTTPS connection was being monitored/modified. http://hackaday.com/2008/12/30/25c3-hackers-completely-break-ssl-using-200-ps3s/ http://phreedom.org/research/rogue-ca/ -- [ Rodrick R. Brown ] http://www.rodrickbrown.com http://www.linkedin.com/in/rodrickbrown
Current thread:
- Re: Security team successfully cracks SSL using 200 PS3's and MD5, (continued)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Brian Keefer (Jan 02)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Florian Weimer (Jan 03)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Joe Greco (Jan 04)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Brian Keefer (Jan 04)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Joe Greco (Jan 04)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Valdis . Kletnieks (Jan 04)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Florian Weimer (Jan 03)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 flaw. Martin List-Petersen (Jan 02)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 flaw. Gadi Evron (Jan 02)
- RE: Security team successfully cracks SSL using 200 PS3's and MD5 flaw. Deepak Jain (Jan 02)