Home page logo

nanog logo nanog mailing list archives

RE: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
From: Deepak Jain <deepak () ai net>
Date: Fri, 2 Jan 2009 18:26:33 -0500

If you use bad crypto, you lose no matter what.  If you use good
crypto, 2,000,000,000 PS3s won't do the job.

Even if you use good crypto, and someone steals your key (say, a previously in-access person) you need a way to 
reliably, completely, revoke it. This has been a problem with SSL since its
[implementation] inception. Lots of math (crypto) is good on paper and fails at the implementation stage.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]