A Simple Disciple's Life: Creating a Fake CA Certificate

« 'Holidays' | Main | 5 Years as a Christian, Going for a PhD »

December 31, 2008

Creating a Fake CA Certificate

I have to say, beautiful work...

MD5 considered harmful today
The authors describe how they were able to create a CA certificate that would be trusted by a browser. it involves smartly crafted MD5 collision attacks. Some of the work is novel, as in how they came up with the collision. Other part is out of 'sheer luck' in a sense. All it took was a CA that was dumb enough to use MD5 AND sequential serial numbers, both of which should be easily removed from tomorrow onwards. Still, nice and solid work.

Its been some time that I've enjoyed reading a scientific article...

Edited to add:
The problem is 'fixed', at least for Verisign.

Posted by ma at December 31, 2008 3:33 PM in Software

Trackback Pings

TrackBack URL for this entry:
http://mlaverd.theunixplace.com/blog-cgi/mt-tb.cgi/380

A Simple Disciple's Life

A public diary about a crazy life

December 31, 2008

Creating a Fake CA Certificate

Trackback Pings