<br><div class="gmail_quote">2009/8/12 <span dir="ltr"><<a href="mailto:Ray.Bellis@nominet.org.uk">Ray.Bellis@nominet.org.uk</a>></span><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<tt><font size="2"><br>
> > </font></tt><a href="http://www.win.tue.nl/hashclash/rogue-ca/" target="_blank"><tt><font size="2">http://www.win.tue.nl/hashclash/rogue-ca/</font></tt></a><tt><font size="2"><br>
> <br>
> This doesn't match the "specified fingerprint" requirement.<br>
</font></tt>
<br><tt><font size="2">It doesn't? I thought the whole point of the
attack was to produce a new X.509 cert which has the same MD5 fingerprint
as an existing cert.</font></tt>
<br>
<br><tt><font size="2">Ray</font></tt>
<br></blockquote></div><br>But that example was when the genuine and false certificates were both in the control of the researchers. Our fraudster would have a harder job getting the collision with the putative HMG root certificate, if I have read the research correctly (my maths really isn't up to discussions with cryptographers), even if the HMG root was MD5 rather than SHA-1 hashed.<br>
<br clear="all"><br>-- <br>Matthew Pemble<br>Technical Director, Idrach Ltd<br><br>Mobile: +44 (0) 7595 652175<br>Office: + 44 (0) 1324 820690<br>