Unit 2 Assignment 2
Unit 2 Assignment 2: Vulnerability of a Cryptosystem
1. Microsoft is aware that research was published at a security conference proving a successful attack against X.509 digital certificates signed using the MD5 hashing algorithm. This attack method could allow an attacker to generate additional digital certificates with different content that have the same digital signature as an original certificate. The MD5 algorithm had previously shown a vulnerability, but a practical attack had not yet been demonstrated.
Solution : for this we need to update the latest security patch for the security for the university to patch the flaw on the system. Using the assign on Microsoft page fallowing KB
2. We have identified a vulnerability in the Internet Public Key Infrastructure (PKI) used to issue digital certificates for secure websites. As a proof of concept we executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted by all common web browsers. This certificate allows us to impersonate any website on the Internet, including banking and e-commerce sites secured using the HTTPS protocol.
Our attack takes advantage of a weakness in the MD5 cryptographic hash function that allows the construction of different messages with the same MD5 hash. This is known as an MD5 "collision". Previous work on MD5 collisions between 2004 and 2007 showed that the use of this hash function in digital signatures can lead to theoretical attack scenarios. Our current work proves that at least one attack scenario can be exploited in practice, thus exposing the security infrastructure of the web to realistic threats .
Solution: Well what I do is again maintain a update and secure the necessary SSL ports and redirecting the source of the attack and check were is coming.
3. A secure cryptographic hash algorithm is one that generates a unique identifier of a fixed size (known as a "digest" or simply "hash") for a block of data of
1. Microsoft is aware that research was published at a security conference proving a successful attack against X.509 digital certificates signed using the MD5 hashing algorithm. This attack method could allow an attacker to generate additional digital certificates with different content that have the same digital signature as an original certificate. The MD5 algorithm had previously shown a vulnerability, but a practical attack had not yet been demonstrated.
Solution : for this we need to update the latest security patch for the security for the university to patch the flaw on the system. Using the assign on Microsoft page fallowing KB
2. We have identified a vulnerability in the Internet Public Key Infrastructure (PKI) used to issue digital certificates for secure websites. As a proof of concept we executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted by all common web browsers. This certificate allows us to impersonate any website on the Internet, including banking and e-commerce sites secured using the HTTPS protocol.
Our attack takes advantage of a weakness in the MD5 cryptographic hash function that allows the construction of different messages with the same MD5 hash. This is known as an MD5 "collision". Previous work on MD5 collisions between 2004 and 2007 showed that the use of this hash function in digital signatures can lead to theoretical attack scenarios. Our current work proves that at least one attack scenario can be exploited in practice, thus exposing the security infrastructure of the web to realistic threats .
Solution: Well what I do is again maintain a update and secure the necessary SSL ports and redirecting the source of the attack and check were is coming.
3. A secure cryptographic hash algorithm is one that generates a unique identifier of a fixed size (known as a "digest" or simply "hash") for a block of data of