In 2009, while I was researching Surviving Cyberwar, I attended the COSAC security conference outside of Dublin for the first time. During an open session I posed this question to the attendees: “Can ...

I was reading the new Ars article about Microsoft's decision to retire SHA-1 due to its vulnerability to collision attacks. The article mentions the well-publicized Flame attack of 2012, a key ...

At the 25th Chaos Communication Congress (CCC) today, researchers will reveal how they utilized a collision attack against the MD5 algorithm to create a rogue certificate authority. This is pretty big ...

Researchers have demonstrated new collision attacks against SHA-1 and MD5 implementations in TLS, IKE and SSH. If you’re hanging on to the theory that collision attacks against SHA-1 and MD5 aren’t ...

Using computing power from a cluster of 200 PS3 game consoles and about $700 in test digital certificates, a group of hackers in the U.S. and Europe have found a way to target a known weakness in the ...

New research into attacks against the SHA-1 cryptographic algorithm lessen the cost and time to arrive at a practical collision. When Bruce Schneier made his oft-cited and mathematically sound ...

The old and insecure MD5 hashing function hasn’t been used to sign SSL/TLS server certificates in many years, but continues to be used in other parts of encrypted communications protocols, including ...

LAS VEGAS—Elie Bursztein, Google's lead anti-fraud researcher, began his talk here at Black Hat 2017 with an understatement: "It has been a long and interesting journey over the last few years." In ...

LAS VEGAS—Elie Bursztein, Google's lead anti-fraud researcher, began his talk here at Black Hat 2017 with an understatement: "It has been a long and interesting journey over the last few years." In ...