RE: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.From: Deepak Jain <deepak () ai net> Date: Fri, 2 Jan 2009 18:26:33 -0500
If you use bad crypto, you lose no matter what. If you use good
crypto, 2,000,000,000 PS3s won't do the job.
Even if you use good crypto, and someone steals your key (say, a previously in-access person) you need a way to
reliably, completely, revoke it. This has been a problem with SSL since its
[implementation] inception. Lots of math (crypto) is good on paper and fails at the implementation stage.