Researchers Show How to Forge Site Certificates |

David G. Koontz david_koontz at
Tue Dec 30 14:25:04 EST 2008

 By Ed Felten - Posted on December 30th, 2008 at 11:18 am

Today at the Chaos Computing Congress, a group of researchers (Alex Sotirov,
Marc Stevens, Jake Appelbaum, Arjen Lenstra, Benne de Weger, and David
Molnar) announced that they have found a way to forge website certificates
that will be accepted as valid by most browsers. This means that they can
successfully impersonate any website, even for secure connections.


Through the  use of MD5 collisions.  The slides from the presentation are
available here:

The presentation entitled "MD5 considered harmful today, Creating a rogue CA

The collisions were found with a cluster of 200 PlayStation 3's. (slide
number 3, see slide number 25 for a picture of the cluster, a collision
taking one to two days)

They apparently did a live demo using forged certificates in a man in the
middle attack using a wireless network during the demonstration with access
by the audience. (slide number 5)

 CAs still using MD5 in 2008:  (slide number 19)
  ? RapidSSL
  ? FreeSSL
  ? TrustCenter
  ? RSA Data Security
  ? Thawte

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list