Ars Technica

Fatally weak MD5 function torpedoes crypto protections in HTTPS and IPSEC

If you thought MD5 was banished from HTTPS encryption, you’d be wrong. It turns out the fatally weak cryptographic hash function, along with its only slightly stronger SHA1 cousin, are still widely ...
CRN

Verisign Discontinues Flawed MD5 Certificates

Mountain View, Calif.-based Verisign, a managed security service provider, said that it has immediately discontinued the flawed MD5 cryptographic function used for digital signatures, while offering a ...
Wired

Researchers Use PlayStation Cluster to Forge a Web Skeleton Key

A powerful digital certificate that can be used to forge the identity of any website on the internet is in the hands of in international band of security researchers, thanks to a sophisticated attack ...
Computerworld

Identify and eliminate MD5 attacks in two easy steps

Recently, a group of international security researchers demonstrated successful attacks against the Public Key Infrastructure (PKI) used to issue security certificates to Web sites when the signatures ...
Infosecurity-magazine.com

Proof of Concept Attack Further Discredits MD5

Researchers from the École Polytechnique Fédérale de Lausanne in Switzerland, the Eindhoven University of Technology and the University of Berkeley among others used the machines to create a rogue ...
eWeek

Flame Exploited Long-Known Flaw in MD5 Certificate Algorithm

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. By: Robert Lemos A known weakness in the MD5 hash function ...