Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Hackers have now beaten SSL!!
Message
From
30/12/2008 20:11:32
Al Doman
M3 Enterprises Inc.
North Vancouver, British Columbia, Canada
 
General information
Forum:
Windows
Category:
Computing in general
Title:
Re: Hackers have now beaten SSL!!
Miscellaneous
Thread ID:
01370267
Message ID:
01370275
Views:
14
>http://www.win.tue.nl/hashclash/rogue-ca/
>
>Ya it required 200 PS3's to do it. Basicly by exploiting a flaw in the MD5 cryptographic algorithm they were able to create a rogue Certification Authority which allows them to create their own SSL certificates.

MS has an advisory at http://www.microsoft.com/technet/security/advisory/961509.mspx

Modern certs based on SHA-1 are not affected, and the MD5 hack is still not "practical" (for now, anyways).
Regards. Al

"Violence is the last refuge of the incompetent." -- Isaac Asimov
"Never let your sense of morals prevent you from doing what is right." -- Isaac Asimov

Neither a despot, nor a doormat, be

Every app wants to be a database app when it grows up
Previous
Reply
Map
View

Click here to load this message in the networking platform