12. CA & MD5 hash function Slide Attack Then a website certificate (the red one in the diagram) bearing the genuine website's identity but another public key is created and signed by the rogue CA. A copy of the genuine website is built, put on another web server, and equipped with the rogue website certificate. A rogue CA certificate is constructed (the black one in the diagram). It bears exactly the same signature as the website certificate. Thus it appears as being issued by the CA, whereas in fact the CA has never even seen it. The user will not mention this because there is a problem in the MD5 hash function
The Secure Sockets Layer (SSL) is a security protocol used by Web browsers and Web servers to help users protect their data during transfer. An SSL Certificate contains a public and private key pair as well as verified identification information. When a browser (or client) points to a secured domain, the server shares the public key with the client to establish an encryption method and a unique session key. The client confirms that it recognizes and trusts the issuer of the SSL Certificate. This process is known as the "SSL handshake" and it can begin a secure session that protects message privacy and message integrity.