I need to host an HTTPS webserver so that MSIE4 clients on the export version of NT4 will accept its certificate. Can anyone hook a neighbor up with a 21-year-old CA private key, or a bug that would be just as handy?
-
-
No 512-bit CAs are trusted by my target VM, I'm afraid. Perhaps a downgrade to MSIE3 would allow for one?
-
Had they started using MD5 back then? You could maybe do a chosen-prefix collision - https://github.com/cr-marcstevens/hashclash … MD4 might be even easier to make collisions for although I don't know if anybody's bothered to implement it
-
Sadly, chosen prefix collision attacks require that a CA signs one of the colliding pair. None of those old CAs are still signing new keys.
-
Right - I was thinking if you could take a signed CA cert and generate a new key that happened to collide with it...but maybe if it has to be a valid RSA key you're effectively looking at a preimage attack at that point?
-
Must be a valid X509 cert, and it's now really easy to generate colliding certs with matching MD5 hashes, such as pocorgtfo14.pdf which collides in 609 differing blocks. But nothing new is being signed, and it's because of this that pre-image is needed instead of chosen prefix.
-
There were also some great bugs with null bytes in strings back then, but with no operational signing authorities, those bugs can't be applied.