A better approach to security

[Christophe Meessen <christophe AT meessen.net>]

Philipp Guehring a écrit :
> Hi,
>   
> > If MD5 is cracked
> >     
> No.
> Unfortunately, there are various attack-vectors, and MD5 only fell for
> one of them yet.
>
>   
> > so that collistions can be constructed 
> >     
> Yes, at the moment, you have to construct both sides of the collissions.
>   
Thank you very much. I missed that piece of information.

...
> No. It might be worthless, it might be worth something. The problem is
> that by only looking at the certificates, you can't know whether they
> are worthless or not. You would have to ask the CA, whether they
> actually issued that certificate, or not.
>   
In terms of certification it is worthless because the validity is 
uncertain and there is no safe and efficient mean to ask the CA.
It looks like MD5 signed certificates have to be discarded.

Regarding self signed certificates using MD5 or MD2 I wouldn't assume 
them to be safe. The possibility to generate an MD5 collision with a 
given MD5 value may be around the corner, if not already feasible but 
not known to the public.

It is the right time for a new and stronger hash algorithm.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature