[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Security team successfully cracks SSL using 200 PS3's and MD5 flaw.

Subject: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
From: deepak at ai.net (Deepak Jain)
Date: Fri, 2 Jan 2009 16:16:20 -0500
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]>

> ssl itself wasn't cracked they simply exploited the known vulnerable
> md5
> hashing.  Another hashing method needs to be used.

The encryption algorithm wasn't hacked. Correct. Another hashing method 
may help. Yup. 

My problem is with the chain-of-trust and a lack of reasonable or reasonably reliable (pick) 
ways of revoking certificates. 

Deepak

References:
- Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
  - From: rodrick.brown at gmail.com (Rodrick Brown)
- Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
  - From: hescominsoon at emmanuelcomputerconsulting.com (William Warren)

Prev by Date: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
Next by Date: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
Previous by thread: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
Next by thread: Looking for verification that Google and Akamai have the geo-ip for 96.31.0.0/20 set correctly
Index(es):
- Date
- Thread