Comments on: Major Break in MD5 Signed X.509 Certificates http://www.veracode.com/blog/2008/12/major-break-in-md5-signed-x509-certificates/ Application security testing, analysis, and metrics Thu, 09 Feb 2012 11:59:00 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Browser Security Fail, MD5 broken, CA gone rogue | Roy Firestein http://www.veracode.com/blog/2008/12/major-break-in-md5-signed-x509-certificates/comment-page-1/#comment-2477 Browser Security Fail, MD5 broken, CA gone rogue | Roy Firestein Sun, 25 Jan 2009 02:09:38 +0000 http://www.veracode.com/blog/?p=540#comment-2477 [...] analysis (here), (here), (here), (here), (here), (here), (here), (here) and [...] [...] analysis (here), (here), (here), (here), (here), (here), (here), (here) and [...]

]]> By: A look at the CA Cert hack | Mike Andrews http://www.veracode.com/blog/2008/12/major-break-in-md5-signed-x509-certificates/comment-page-1/#comment-2421 A look at the CA Cert hack | Mike Andrews Wed, 07 Jan 2009 11:03:15 +0000 http://www.veracode.com/blog/?p=540#comment-2421 [...] http://blog.phishme.com/2008/12/more-than-one-way-to-skin-a-ca/ http://www.gnucitizen.org/blog/thoughts-on-the-certificate-authority-attack-presented-at-ccc/ http://securosis.com/2008/12/30/what-average-users-need-to-know-about-the-sslroot-certificate-authority-exploit/ http://spiresecurity.typepad.com/spire_security_viewpoint/2009/01/should-verisign-sue-sotirov-appelbaum.html http://www.veracode.com/blog/2008/12/major-break-in-md5-signed-x509-certificates/ [...] [...] http://blog.phishme.com/2008/12/more-than-one-way-to-skin-a-ca/ http://www.gnucitizen.org/blog/thoughts-on-the-certificate-authority-attack-presented-at-ccc/ http://securosis.com/2008/12/30/what-average-users-need-to-know-about-the-sslroot-certificate-authority-exploit/ http://spiresecurity.typepad.com/spire_security_viewpoint/2009/01/should-verisign-sue-sotirov-appelbaum.html http://www.veracode.com/blog/2008/12/major-break-in-md5-signed-x509-certificates/ [...]

]]> By: Chris Eng http://www.veracode.com/blog/2008/12/major-break-in-md5-signed-x509-certificates/comment-page-1/#comment-2411 Chris Eng Tue, 30 Dec 2008 16:20:21 +0000 http://www.veracode.com/blog/?p=540#comment-2411 I ranted about this on Twitter a bit, but I'll write more here since I have more than 140 characters to work with. It's frustrating that people still haven't made the switch from MD5 to stronger hashes, even though the first cracks in MD5 came nearly 5 years ago, in 2004, with the Wang/Yu attack. That should have been enough warning. The gradual nature of cryptographic attacks is like a gift to enterprises -- you get several years head start to fix all your bad code before the full-blown attack is discovered. I remember going through and revising all of our @stake deliverable templates at the time, removing any mention of MD5 from our best practices and recommendations boilerplate text. In fact, I remember discussing with a customer that an attack had been discovered against MD5 earlier that week, and while there wasn't immediate practical risk, they needed to start thinking about how to eradicate MD5 from their applications going forward. For CAs not to have acted on this earlier is a travesty. It's one thing to be using MD5 in your custom web application, where you only hurt yourself if it's compromised. It's another thing entirely for an organization whose business is TRUST not to be taking all possible measures to be trustworthy. I ranted about this on Twitter a bit, but I’ll write more here since I have more than 140 characters to work with.

It’s frustrating that people still haven’t made the switch from MD5 to stronger hashes, even though the first cracks in MD5 came nearly 5 years ago, in 2004, with the Wang/Yu attack. That should have been enough warning. The gradual nature of cryptographic attacks is like a gift to enterprises — you get several years head start to fix all your bad code before the full-blown attack is discovered.

I remember going through and revising all of our @stake deliverable templates at the time, removing any mention of MD5 from our best practices and recommendations boilerplate text. In fact, I remember discussing with a customer that an attack had been discovered against MD5 earlier that week, and while there wasn’t immediate practical risk, they needed to start thinking about how to eradicate MD5 from their applications going forward.

For CAs not to have acted on this earlier is a travesty. It’s one thing to be using MD5 in your custom web application, where you only hurt yourself if it’s compromised. It’s another thing entirely for an organization whose business is TRUST not to be taking all possible measures to be trustworthy.

]]> By: Browser Security Fail, MD5 broken, CA gone rogue « Amrit Williams Blog http://www.veracode.com/blog/2008/12/major-break-in-md5-signed-x509-certificates/comment-page-1/#comment-2410 Browser Security Fail, MD5 broken, CA gone rogue « Amrit Williams Blog Tue, 30 Dec 2008 15:51:06 +0000 http://www.veracode.com/blog/?p=540#comment-2410 [...] analysis (here), (here), (here), (here) and [...] [...] analysis (here), (here), (here), (here) and [...]

]]>