by cheeze
2654 days ago
Well, it depends on what you mean by "hack." The attack that we're talking about here isn't breaking a signature, but relies instead on being able to manipulate certificate data to generate a certificate with a known hash. That hash must collide with another certificate hash, which would then let you generate a rogue certificate. A team demonstrated that this attack was possible by being able to issue a rogue cert by being able to predict the not_before and not_after on the certificate that would be issued, predicting the serial of the issued cert, and finding an input for the rest of the cert fields which caused a collision.

https://www.win.tue.nl/hashclash/rogue-ca/

So, yes, 128-bit serials would be better, but we should be safe even at 63 bits of entropy.
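An added example, not part of the comment above: a small audit that takes certificate serials in issuance order and reports the two properties the comment turns on, whether the next serial is guessable from the previous ones and how many bits a serial can carry. The function names, the 1024 step threshold and both sample lists are constructed for illustration.

```python
def der_serial_bytes(serial):
    """Content octets of the DER INTEGER that encodes a positive serial."""
    if serial <= 0:
        raise ValueError("certificate serials must be positive")
    # DER integers are signed, so a value whose top bit is set needs a
    # leading zero octet. An 8-octet serial therefore holds 63 bits at most.
    return serial.to_bytes(serial.bit_length() // 8 + 1, "big")


def audit_serials(serials, max_step=1024):
    """Summarise how guessable a CA's serials look (issuance order)."""
    deltas = [b - a for a, b in zip(serials, serials[1:])]
    # A counter shows up as small positive steps between consecutive
    # certificates; max_step is an assumed threshold, not a standard.
    sequential = bool(deltas) and all(0 < d <= max_step for d in deltas)
    return {
        "sequential": sequential,
        # Upper bound on entropy: no sampled serial needs more bits.
        "max_bits": max(s.bit_length() for s in serials),
        "max_der_len": max(len(der_serial_bytes(s)) for s in serials),
    }


# Constructed sample: a CA that numbers certificates with a counter.
COUNTER_CA = [643015, 643016, 643018, 643019]

# Constructed sample: 8-octet serials with the sign bit clear (63 bits).
RANDOM_63 = [
    0x1B44F0A93C7752E0,
    0x5A3C9E1F7B2D4486,
    0x7FD20A6611C3E9B5,
    0x2E9910C47DA0B35F,
]

if __name__ == "__main__":
    for name, sample in (("counter", COUNTER_CA), ("random-63", RANDOM_63)):
        print(name, audit_serials(sample))
```

A small sample only gives an upper bound on entropy: serials that look large and unordered can still come from a weak generator, so the sequential flag is the more reliable signal here.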