tag

hash

MD5/SSL: is the sky falling?

Lots of fuss about the paper presented at the Chaos Communication Congress in Berlin yesterday by Alexander Sotirov et al. The paper describes a proof-of-concept attack using a weakness in the MD5 cryptographic hash function to create a rogue Cerification Authority certificate using a hash collision (essentially, two messages with the same MD5 hash value).

Follow us

Copyright © 2016 ESET, All Rights Reserved.