PKI Layer Cake: New Collision Attacks Against the Global X.509 Infrastructure

Research unveiled in December of 2008 showed how MD5's long-known flaws could be actively exploited to attack the real-world Certification Authority infrastructure. This paper demonstrates two new classes of collision, which will be somewhat trickier to address than previous attacks against X.509: the applicability of MD2 preimage attacks against the primary root certificate for Verisign, and the difficulty of validating X.509 Names contained within PKCS#10 Certificate Requests.