Creating a rogue CA certificate

Latest news [Dec. 31, 2008] Responses from Verisign (RapidSSL), Microsoft and Mozilla. [Jan. 2, 2009] Responses from TC TrustCenter and RSA, and a US-CERT Vulnerability Note. [Jan. 8, 2009] Video and audio files of the 25C3 presentation are available from CCC. [Jan. 15, 2009] Response from Cisco. [Mar. 11, 2009] Our paper with details on improved MD5 chosen-prefix collision construction is available. [Apr. 30, 2009] Our paper is accepted at Crypto 2009. [June 2, 2009] A new single block chosen-prefix collision. [June 3, 2009] Our Crypto 2009 paper has won the best paper award. [June 16, 2009] Full paper now available: Marc Stevens, Arjen Lenstra and Benne de Weger, "Chosen-prefix Collisions for MD5 and Applications", submitted to the International Journal of Applied Cryptography. [August 22, 2009] The Crypto paper and the best paper award. [January 12, 2010] Our work made it to number 1 of the Top Ten Web Hacking Techniques of 2009. [October 28, 2010] This site now enjoys translations into Korean and Belorussian, provided respectively by vangelis and movavi.