Re: [Fed-Talk] Whoa Nelly
- Subject: Re: [Fed-Talk] Whoa Nelly
- From: Jeffrey Walton <email@hidden>
- Date: Wed, 05 Sep 2012 12:07:08 -0400
On Wed, Sep 5, 2012 at 11:13 AM, Dave Schroeder <email@hidden> wrote:
>
> Please outline the SPECIFIC, provable risks you believe originate from this information. (Please note that emails (i.e., contents) and passwords are not a part of the data.)
>
> [SNIP]
>
I am somewhat leery of this argument (with all due respect). I try not
to let my own ignorance get in the way of a good security posture.
In 2007, we were warned of chosen-prefix collision attacks on hashes
with certain constructions, including MD5. Many folks continued to use
MD5.
In 2008, Stevens, Sotirov, Lenstra (et al.) collided MD5 and created a
rogue CA ("MD5 considered harmful today,"
http://www.win.tue.nl/hashclash/rogue-ca/). CAs responded with,
"Everything is OK if the MD5 cert was issued before this research was
published."
In 2012, we saw a variant of the chosen-prefix collision attack (Flame
used it). CAs were wrong, as were many other folks. The folks who were
wrong let their own ignorance get in the way of a sound
security-related decision.
I don't discount the value of a UDID in an attack just because I am
not clever enough to formulate the attack.
Jeff