Home page logo
/

nanog logo nanog mailing list archives

RE: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
From: Deepak Jain <deepak () ai net>
Date: Fri, 2 Jan 2009 16:16:20 -0500

ssl itself wasn't cracked they simply exploited the known vulnerable
md5
hashing.  Another hashing method needs to be used.

The encryption algorithm wasn't hacked. Correct. Another hashing method 
may help. Yup. 

My problem is with the chain-of-trust and a lack of reasonable or reasonably reliable (pick) 
ways of revoking certificates. 

Deepak


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault