Hi all,

We announce the construction of two different valid X.509 certificates that have identical signatures. This is based on MD5 collisions.

One could e.g. construct the to-be-signed parts of the certificates, and get the one certificate signed by a CA. Then a valid signature for the other certificate is obtained, while the CA has not seen proof of possession of the private key of this second certificate.

The certificates we constructed can be downloaded from http://www.win.tue.nl/~bdeweger/CollidingCertificates/. From this site some more technical information can be downloaded as well.

We provide a short paper explaining in detail our method. It is available on the website, and on the Cryptology ePrint Archive, at http://eprint.iacr.org/2005/067.

This is joint work with Arjen Lenstra (Lucent Bell Labs and TU Eindhoven) and Xiaoyun Wang (Shandong University).

Grtz,
Benne de Weger

=========================================
Technische Universiteit Eindhoven
Coding & Crypto Groep
Faculteit Wiskunde en Informatica
Den Dolech 2
Postbus 513
5600 MB Eindhoven
e-mail: [EMAIL PROTECTED]
www: http://www.win.tue.nl/~bdeweger
=========================================

---------------------------------------------------------------------
The Cryptography Mailing List