[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Security team successfully cracks SSL using 200 PS3's and MD5

Subject: Security team successfully cracks SSL using 200 PS3's and MD5
From: ge at linuxbox.org (Gadi Evron)
Date: Fri, 2 Jan 2009 20:53:06 -0600 (CST)
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]>

On Fri, 2 Jan 2009, Dragos Ruiu wrote:
> www.win.tue.nl/hashclash/rogue-ca/; classtype: policy-violation; 
> sid:1000001;)

You can't really use any snort rule to detect SHA-1 certs created by a 
fake authority created using the MD5 issue.

Yes, this is a serious matter, but it hardly has any operational impact to 
speak of for users and none for NSPs.

 	Gadi.

Follow-Ups:
- Security team successfully cracks SSL using 200 PS3's and MD5
  - From: dr at kyx.net (Dragos Ruiu)

References:
- Security team successfully cracks SSL using 200 PS3's and MD5
  - From: jgreco at ns.sol.net (Joe Greco)
- Security team successfully cracks SSL using 200 PS3's and MD5
  - From: mathews at hawaii.edu (Robert Mathews (OSIA))
- Security team successfully cracks SSL using 200 PS3's and MD5
  - From: dr at kyx.net (Dragos Ruiu)

Prev by Date: Security team successfully cracks SSL using 200 PS3's and MD5
Next by Date: Security team successfully cracks SSL using 200 PS3's and MD5
Previous by thread: Security team successfully cracks SSL using 200 PS3's and MD5
Next by thread: Security team successfully cracks SSL using 200 PS3's and MD5
Index(es):
- Date
- Thread