Blog icon“MD5 insecurity affects all internet users” – SC Magazine

Carolina Advanced Digital, Inc. > Blog > Blog > “MD5 insecurity affects all internet users” – SC Magazine

“MD5 insecurity affects all internet users” – SC Magazine

Carolina Advanced Digital Quotables

MD5 insecurity affects all internet users
SC Magazine

Angela Moscaritolo
December 31, 2008

Usually the bad actions of a company only affect its own customers. However, Certification Authorities (CA) that have not yet migrated away from MD5 to a more secure cryptographic hash function are causing problems that affect everyone, said Paul Kocher, president and chief scientist of Cryptography Research.

Security professionals have sounded off after a team of researchers on Tuesday revealed a weakness in the MD5 cryptographic hash function which could allow an attacker to create a rogue Certification Authority (CA) certificate and potentially impersonate any website, including those secured by the HTTPS protocol.

Read the story
http://www.scmagazineus.com/MD5-insecurity-affects-all-internet-users/article/123448