
MD5 Considered Harmful Today


By Kamal Wickramanayake - Posted on 05 January 2009

A group of international security experts has demonstrated how the weaknesses of the MD5 hash function can be used to create two messages with the same MD5 hash, which is commonly known as a collision. As a practical demonstration, they successfully created a rogue CA* certificate (apparently mimicking RapidSSL.com of VeriSign Inc.).

The result of this experiment is that any bogus (SSL**) certificate signed by the rogue CA certificate is accepted by web browsers as a genuine certificate issued by the original CA (like VeriSign, or any other CA that uses MD5). If exploited successfully, this opens the way to undetectable phishing attacks. While the probability of seeing actual attacks that exploit the flaw is low, it's time to look at other cryptographic hash functions like SHA1.

Details of the research work are available here: http://www.win.tue.nl/hashclash/rogue-ca/

* CA: Certificate Authority
** SSL: Secure Sockets Layer