Ars Technica

Fatally weak MD5 function torpedoes crypto protections in HTTPS and IPSEC

If you thought MD5 was banished from HTTPS encryption, you’d be wrong. It turns out the fatally weak cryptographic hash function, along with its only slightly stronger SHA1 cousin, are still widely ...
PC World

Continued support for MD5 endangers widely used cryptographic protocols

The old and insecure MD5 hashing function hasn’t been used to sign SSL/TLS server certificates in many years, but continues to be used in other parts of encrypted communications protocols, including ...
Computerworld

Ongoing MD5 support endangers cryptographic protocols

The old and insecure MD5 hashing function hasn’t been used to sign SSL/TLS server certificates in many years, but continues to be used in other parts of encrypted communications protocols, including ...
eWeek

Flame Exploited Long-Known Flaw in MD5 Certificate Algorithm

eSpeaks’ Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly ...
Embedded

Using digital signatures for data integrity checking in Linux

A signature should be small. This article considers a DS implementation example for binary file integrity checking in Linux (64-bit ELF). We will use a direct DS when only a sender and a recipient are ...
Computerworld

Identify and eliminate MD5 attacks in two easy steps

Recently, a group of international security researchers demonstrated successful attacks against the Public Key Infrastructure (PKI) used to issue security certificates to Web sites when the signatures ...
CSOonline

Microsoft moves to block MD5 certificates and improve RDP authentication

Microsoft released two optional security updates Tuesday to block digital certificates that use the MD5 hashing algorithm and to improve the network-level authentication for the Remote Desktop ...