Re: Rejecting SHA-1 certificates

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 11-07-17 23:44, Salz, Rich via openssl-users wrote:
>> It's very well worth the effort, otherwise there's a security issue, because certificates can be forged.
> 
> No they cannot.
> 
> What *has* been done is a document was created with "weak spots" and another document was created that  changed those weak spots, but the digest was the same.

Correct me if I'm wrong, but wasn't the MD5 certificate hack presented
back at 25C3 based on exactly that scenario? They used the serial number
and timestamp or some other such thing (don't recall the details) as
weak spots and then sent loads of certificate requests to the CA to
effecively brute-force it.

(Of course, CAs are now required to randomize their serial number, so
since that particular attack isn't possible anymore, I agree that for
the time being it's still not a feasible scenario for SHA1, but hey)

-- 
Wouter Verhelst
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux