nanog mailing list archives
Re: SHA1 collisions proven possible
From: Randy Bush <randy () psg com>
Date: Mon, 27 Feb 2017 16:03:40 +0700
1. Create a certificate C[ert] for a single domain you control with hash h(c).
2. Create a second certificate A[ttack] marked as a certificate authority such that h(C) = h(A).
3. Have a certificate authority sign cert C.
4. Present the signature for A along with A for whatever nefarious purpose you want.

luckily, step 2 can be done in a minute on a raspberry pi
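
The four steps quoted above rest on one property: a CA signature covers only the digest of the certificate body, so it verifies for any other body with the same digest. The following is an added example, not code from the thread or its participants. It assumes a toy setup: SHA-1 truncated to 24 bits stands in for a collision-prone hash, HMAC stands in for the CA's RSA/ECDSA signature, and the certificate bodies are constructed strings whose two colliding forms are generated together.

```python
import hashlib
import hmac

CA_KEY = b"constructed-demo-ca-key"  # assumption: stand-in for the CA private key


def weak_digest(data: bytes) -> bytes:
    """Toy collision-prone hash: SHA-1 truncated to 24 bits (assumption)."""
    return hashlib.sha1(data).digest()[:3]


def strong_digest(data: bytes) -> bytes:
    """Collision-resistant replacement used by the hardened verifier."""
    return hashlib.sha256(data).digest()


def ca_sign(tbs: bytes, digest) -> bytes:
    """The CA signs digest(tbs), never tbs itself (HMAC stands in for RSA/ECDSA)."""
    return hmac.new(CA_KEY, digest(tbs), hashlib.sha256).digest()


def verify(tbs: bytes, sig: bytes, digest) -> bool:
    """Relying-party check: recompute the digest and compare signatures."""
    return hmac.compare_digest(ca_sign(tbs, digest), sig)


def colliding_pair():
    """Birthday search over constructed bodies until a leaf body (C) and a
    CA-flagged body (A) share the same weak digest."""
    leaf, ca = {}, {}
    n = 0
    while True:
        c = b"CN=example.test;CA=false;pad=%d" % n
        a = b"CN=example.test;CA=true;pad=%d" % n
        dc, da = weak_digest(c), weak_digest(a)
        leaf[dc], ca[da] = c, a
        if dc in ca:
            return c, ca[dc]
        if da in leaf:
            return leaf[da], a
        n += 1


if __name__ == "__main__":
    C, A = colliding_pair()
    sig = ca_sign(C, weak_digest)  # the CA only ever sees C
    print("weak hash, A accepted:", verify(A, sig, weak_digest))
    print("SHA-256,   A accepted:", verify(A, ca_sign(C, strong_digest), strong_digest))
```

With the weak digest the signature issued for C also verifies for A; with SHA-256 as the signature hash the same substitution is rejected, which is why relying parties refuse SHA-1-signed certificates.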