Shostack + Friends Blog Archive


Now will you believe MD5 is broken?

I’m just sitting here blinking, having a Brecht moment in which I am laughing at those who are crying and crying at those who are laughing.

At the CCC congress, a number of people did something dramatic — they created a forged SSL certificate. It’s dramatic, but nothing special.

We’ve known that MD5 is broken for over a decade. It’s been undeniable for nearly five years. We have seen people create colliding PDF documents, we’ve seen a prediction of the last Presidential election by having a multi-collision. This is a clever bit of engineering, drama, and publicity, but anyone with cryptographic sense gives it a shrug.

Nonetheless, the twitterverse and blogosphere are chattering about this, which is what makes me laugh.

On the other hand, there are a number of CAs still using MD5, which made the attack possible and they are only now changing. This is what makes me cry.

In a year that has seen organizations crushed because of heads in the sand when chaos emerges, here’s just another.