MD5 considered harmful today

[Chiefcrowe]

http://www.win.tue.nl/hashclash/rogue-ca/

Very interesting stuff i came across today, and already found a site i use that falls under this!!

 

[Fullmetal Chocobo]

It was also mentioned in DC, where they cracked SSL with MD5 using 200 PS3s. Link is here

 

[Zugzwang152]

MD5 is faster than other, better alternatives. But for the generation of an SSL certificate, that doesn't really matter. I'm glad it's finally broken for real so people can move on to better algorithms.

 

[Red Squirrel]

Wow scary, considering most banking sites probably still use SSL. It was bound to be cracked though.

Just curious though how does MD5 and SSL go together? I thought they were totally different, one being a hash algorthm the other being encryption algorthm.

Speaking of MD5, this is fun, and scary, at the same time: http://www.md5oogle.com I can't seem to connect right now so maybe it's been takein down. Was a reverse MD5 lookup site, looked like it was Google's but maybe it was not