“MD5 considered harmful today”

Harmful yesterday too

An absolutely awesome presentation on the weaknesses in the public key infrastructure (that which purportedly makes secure websites safe)…

The vulnerability we expose is not in the SSL protocol or the web servers and browsers that implement it, but in the Public Key Infrastructure. This infrastructure has applications in other areas than the web, but we have not investigated all other possible attack scenarios. So other attack scenarios beyond the web are conceivable, such as in the areas of code signing, e-mail security, and in other areas that use certificates for enabling digital signatures or public key encryption.

Use SHA-1, you say? Heh, folks are already working on SHA-3, and I doubt it is because they’re bored.

Still, great work on something that was long held theoretically possible. I don’t think miscreants will bother with such heavy lifting though – a colleague of mine noted they can just get a garbage cert, or a more authoritative one for a garbage website name (i.e. a misspelling), and roll the dice. It’s our impression that most of the technical exploits also require screwing with DNS, and we’d love to hear more on whether that’s truly the case.
