News of MD5 weaknesses has been around for a while, but this recent publication goes further by demonstrating how they impact X.509 certificates and our trust in secure web browsing (a lighter explanation of MD5’s weakness can be read here).
Basically, one can create a rogue CA (certificate authority) certificate that will be trusted by most web browsers. The weakness at the crux of the issue is that it is possible to create collisions (two messages leading to the same hash) with MD5. By extension, a rogue CA can create a certificate with a hash that matches that of a certificate issued by a trusted root CA (one browsers trust). Because the signature is computed over the hash, the trusted CA's signature is then valid for both certificates.

I guess it’s fair to assume that all MD5-based signatures on certificates (or CRLs for that matter) should be rejected.
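
One way to apply that rejection rule, as an added example that is not part of the original post: a standard-library Python check that reads the outer signatureAlgorithm OID of a DER-encoded certificate or CRL (both share the layout SEQUENCE { tbs, signatureAlgorithm, signatureValue }) and flags md5WithRSAEncryption. The function names are illustrative and the two sample inputs are constructed skeletons, not real certificates.

```python
# Added example: detect MD5-based signatures on DER-encoded X.509 certificates and CRLs.
MD5_SIG_OIDS = {"1.2.840.113549.1.1.4": "md5WithRSAEncryption"}

def read_tlv(buf, pos):
    # Return (tag, value_start, value_end) of the DER element starting at pos.
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length

def decode_oid(body):
    # Decode OBJECT IDENTIFIER content bytes (base-128 arcs) into dotted form.
    arcs, value = [], 0
    for b in body:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    head = [arcs[0] // 40, arcs[0] % 40] if arcs[0] < 80 else [2, arcs[0] - 80]
    return ".".join(map(str, head + arcs[1:]))

def signature_oid(der):
    # OID of the outer signatureAlgorithm field of a certificate or CRL.
    _, start, _ = read_tlv(der, 0)                # outer SEQUENCE
    _, _, tbs_end = read_tlv(der, start)          # skip tbsCertificate / tbsCertList
    _, alg_start, _ = read_tlv(der, tbs_end)      # AlgorithmIdentifier SEQUENCE
    tag, oid_start, oid_end = read_tlv(der, alg_start)
    if tag != 0x06:
        raise ValueError("signatureAlgorithm does not start with an OID")
    return decode_oid(der[oid_start:oid_end])

def is_md5_signed(der):
    return signature_oid(der) in MD5_SIG_OIDS

def _der(tag, body):  # minimal DER encoder, used only to build the constructed samples
    size = len(body).to_bytes((len(body).bit_length() + 7) // 8, "big")
    head = bytes([len(body)]) if len(body) < 0x80 else bytes([0x80 | len(size)]) + size
    return bytes([tag]) + head + body

def sample(sig_oid):  # constructed skeleton: placeholder TBS, real AlgorithmIdentifier
    tbs = _der(0x30, _der(0x04, b"\x00" * 300))
    alg = _der(0x30, _der(0x06, sig_oid) + _der(0x05, b""))
    return _der(0x30, tbs + alg + _der(0x03, b"\x00" * 17))

MD5_SAMPLE = sample(bytes.fromhex("2a864886f70d010104"))     # md5WithRSAEncryption
SHA256_SAMPLE = sample(bytes.fromhex("2a864886f70d01010b"))  # sha256WithRSAEncryption
```

Run `is_md5_signed` on each certificate in a presented chain and on each CRL; PEM input has to be base64-decoded to DER first.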
