Results 1 
3 of
3
Chosenprefix Collisions for MD5 and Colliding X.509 Certificates for Different Identities
"... We present a novel, automated way to find differential paths for MD5. As an application we have shown how, at an approximate expected cost of 2 50 calls to the MD5 compression function, for any two chosen message prefixes P and P ′ , suffixes S and S ′ can be constructed such that the concatenated ..."
Abstract

Cited by 25 (0 self)
 Add to MetaCart
(Show Context)
We present a novel, automated way to find differential paths for MD5. As an application we have shown how, at an approximate expected cost of 2 50 calls to the MD5 compression function, for any two chosen message prefixes P and P ′ , suffixes S and S ′ can be constructed such that the concatenated values P �S and P ′ �S ′ collide under MD5. Although the practical attack potential of this construction of chosenprefix collisions is limited, it is of greater concern than random collisions for MD5. To illustrate the practicality of our method, we constructed two MD5 based X.509 certificates with identical signatures but different public keys and different Distinguished Name fields, whereas our previous construction of colliding X.509 certificates required identical name fields. We speculate on other possibilities for abusing chosenprefix collisions. More details than can be included here can be found on www.win.tue.nl/hashclash/ChosenPrefixCollisions/.
Spam, Phishing, and the Looming Challenge of Big Botnets
"... What could a spammer or phisher do with a botnet of a thousand machines? a hundred thousand? a million? “Send lots of email ” is the least worrisome answer to these questions. As antispam and antiphishing defenses improve, there is more than sufficient financial motivation for spammers and phisher ..."
Abstract
 Add to MetaCart
(Show Context)
What could a spammer or phisher do with a botnet of a thousand machines? a hundred thousand? a million? “Send lots of email ” is the least worrisome answer to these questions. As antispam and antiphishing defenses improve, there is more than sufficient financial motivation for spammers and phishers to consider what they can accomplish with enormous scale. We begin by looking at a wide range of antispam defenses. Many of these, like rate limiting and port 25 blocking, will simply no longer work against big botnets; we explain why. Further, the basic cryptographic assumptions underlying the implementation of SSL certificates and DomainKeys/DKIM need reexamination in light of the massive computing power of big botnets. We describe possible attacks by spammers and phishers, and the implications these attacks have in terms of defense. 1