Thursday, January 1, 2009

MD5 broken - Rogue CA certificate created

The ACM TechNews contained a pointer to an interesting article. The MD5 hash algorithm is broken. Based on this weakness, researchers have succeeded in creating their own rogue intermediate CA certificate, which in turn lets them sign whatever SSL certificate they want!

The presentation by the researchers is quite clear and very interesting. The researchers used 200 PS-3 game consoles, but Amazon EC2 could have been used just as well. They also leveraged some weaknesses in the CA they attacked (RapidSSL): use of MD5 (obviously), predictable serial numbers (they were sequential) and a predictable validity period (the certificate was issued a fixed amount of time after the request).
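
As an added example (not code from the original post or from the researchers), here is a small stdlib-only Python audit that walks a DER certificate and reports the two CA-side weaknesses named above, an MD5-based signature algorithm and sequential serial numbers; the certificates it checks are constructed skeletons, not real certificates.

```python
# Added example, not code from the original post: a stdlib-only DER walker that
# flags MD5 signatures and sequential serials; sample certs are constructed, not real.
SIG_ALGS = {"1.2.840.113549.1.1.4": "md5WithRSAEncryption",
            "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
            "1.2.840.113549.1.1.11": "sha256WithRSAEncryption"}

def der_read(buf, pos=0):
    """Read one TLV at pos; return (tag, content bytes, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: next n bytes carry the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def decode_oid(raw):
    """Decode OBJECT IDENTIFIER content bytes (base-128 arcs) to dotted form."""
    arcs, val = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:                    # last byte of this arc
            arcs, val = arcs + [val], 0
    return ".".join(map(str, arcs))

def audit_cert(der):
    """Return the serial number and signature algorithm of one DER certificate."""
    cert = der_read(der)[1]                 # Certificate ::= SEQUENCE
    _, tbs, pos = der_read(cert)            # tbsCertificate
    tag, first, p = der_read(tbs)
    if tag == 0xA0:                         # optional explicit [0] version field
        _, first, _ = der_read(tbs, p)
    serial = int.from_bytes(first, "big")   # serialNumber INTEGER
    alg = der_read(cert, pos)[1]            # signatureAlgorithm AlgorithmIdentifier
    oid = decode_oid(der_read(alg)[1])      # its OBJECT IDENTIFIER, dotted
    name = SIG_ALGS.get(oid, oid)
    return {"serial": serial, "sig_alg": name, "weak_md5": name.startswith("md5")}

def serials_sequential(serials):            # True when the next serial is guessable
    s = sorted(serials)
    return len(s) > 1 and all(b - a == 1 for a, b in zip(s, s[1:]))

def tlv(tag, content):                      # short-form DER encoder for the samples
    return bytes([tag, len(content)]) + content

def sample_cert(serial, sig_oid_hex):
    """Constructed certificate skeleton: version, serial and signatureAlgorithm only."""
    tbs = tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, serial.to_bytes(2, "big"))
    alg = tlv(0x30, tlv(0x06, bytes.fromhex(sig_oid_hex)) + tlv(0x05, b""))
    return tlv(0x30, tlv(0x30, tbs) + alg + tlv(0x03, b"\x00sig"))

MD5_RSA, SHA256_RSA = "2a864886f70d010104", "2a864886f70d01010b"
```

Feed `audit_cert` the DER bytes of each certificate a CA issued in a window and `serials_sequential` the resulting serials; a CA that still signs with MD5 and hands out a +1 counter is exactly the combination the researchers exploited.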

Their conclusion:
  • No need to panic, the Internet is not completely broken
  • The affected CAs are switching to SHA-1
  • Making the theoretical possible is sometimes the only way you can effect change and secure the Internet
Anyway, it's getting time to move to something stronger than SHA-1 as well.
