Archive for December, 2008

Rogue Root CAs because of MD5 collisions

December 30, 2008

Quoting from http://www.phreedom.org/research/rogue-ca/ “As a proof of concept we executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted by all common web browsers. This certificate allows us to impersonate any website on the Internet, including banking and e-commerce sites secured using the HTTPS...

Read More