
Thread: Uh oh, SSL! 200 PS3s gunning for you

  1. #1
    Senior Member phernandez's Avatar
    Join Date
    Aug 2003
    Location
    NYC
    Posts
    246

    Uh oh, SSL! 200 PS3s gunning for you

    Ah, the Playstation 3... Might be outsold by the Wii and Xbox 360, but it has been leading to some interesting IT diversions.


    MD5 considered harmful today: Creating a rogue CA certificate

    Our attack takes advantage of a weakness in the MD5 cryptographic hash function that allows the construction of different messages with the same MD5 hash. This is known as an MD5 "collision". Previous work on MD5 collisions between 2004 and 2007 showed that the use of this hash function in digital signatures can lead to theoretical attack scenarios. Our current work proves that at least one attack scenario can be exploited in practice, thus exposing the security infrastructure of the web to realistic threats.

    ...A single attempt for constructing a chosen-prefix collision costs about a little more than a day. The first stage consisting of the birthday search is computationally the most expensive. Luckily it is also very suited for the special SPU cores of the Cell Processor that the Sony PlayStation 3 uses. We had about 200 PS3s at our disposal, located at the "PlayStation Lab" of Arjen Lenstra at EPFL, Lausanne, Switzerland (see the picture). The birthdaying takes about 18 hours on the 200 PS3s using 30GB of memory that was equally divided over the PS3s.
    [via Engadget]

  2. #2
    AO's Filibustier Cheap Scotch Ron's Avatar
    Join Date
    Nov 2008
    Location
    Swamps of Jersey
    Posts
    378
    I vaguely recall this exposure (MD5 collisions) publicized a few years ago. I guess someone finally implemented the theory. To mitigate the risk, you salt the key before encryption. Use a large salt sequence. That should make it practically "impossible"... at least for a little while. FYI.. VeriSign no longer uses MD5 for their checksum.

    CSR
    In God We Trust....Everything else we backup.

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    The hardware side is certainly familiar:

    Game consoles use hardware specialized for the computational needs of the detailed 3D graphics in games. This hardware is also very suited for the basic arithmetic used in cryptographic algorithms and greatly outperforms general purpose computers on brute-force computations. We have found that one PlayStation 3 game console is equivalent to about 40 modern single core processors. The most computationally intensive part of our method required about 3 days of work with over 200 game consoles, which is equivalent to 32 years of computing on a typical desktop computer. Common graphic cards have been used by some for MD5 cryptanalysis as well.
    GPU and game console processors are much better at this sort of thing than your general purpose PC processor.

  4. #4
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    Quote, originally posted by nihil:
    GPU and game console processors are much better at this sort of thing than your general purpose PC processor.
    Very true, that is because they are multi-threaded and still run at a high frequency. Last I checked, some single core GPUs are capable of running 256 threads!

  5. #5
    AO's Filibustier Cheap Scotch Ron's Avatar
    Join Date
    Nov 2008
    Location
    Swamps of Jersey
    Posts
    378
    related article...

    http://www.tgdaily.com/html_tmp/cont...40806-108.html

    I checked all my client certificates as well as the https sites I frequent. I didn't find any exposures.
    I wonder how much of this is marketing tactics.
    Last edited by Cheap Scotch Ron; January 4th, 2009 at 10:24 PM.
    In God We Trust....Everything else we backup.

  6. #6
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391
    http://www.tomshardware.co.uk/Sony-P...ews-29961.html

    We alerted to this story some days ago but it's now official. Independent researchers Jacob Appelbaum and Alexander Sotirov, as well as computer scientists from the Centrum Wiskunde & Informatica, the Ecole Polytechnique Federale de Lausanne, the Eindhoven University of Technology and the University of California, Berkeley have successfully used 200 PS3's to break one of the MD5 algorithms used in issuing security certificates for websites. Security certificates are used to confirm that a website is legitimate and not an attempt to mislead the visitor. Once the team broke through the algorithm, they were able to hack into the RapidSSL.com website. After this, the team was able to produce false security certificates that had identical MD5 hash values as legitimate certificates.
