Fatally weak MD5 function torpedoes crypto protections in HTTPS and IPSEC
|
|
If you thought MD5 was banished from HTTPS encryption, you'd be wrong. It turns out the fatally weak cryptographic hash function, along with its only slightly stronger SHA1 cousin, are still widely used in the transport layer security protocol that underpins HTTPS. Now, researchers have devised a series of attacks that exploit the weaknesses to break or degrade key protections provided not only by HTTPS but also other encryption protocols, including Internet Protocol Security and secure shell.
|
|
Full Story |
This topic does not have any threads posted yet!
You cannot post until you login.
