Agreed. However, wouldn't an operational review of certificate issuance activity of the impacted CAs provide another level of assurance that the researchers were the only ones who successfully exploited this vulnerability? I would imagine their activity (when inspected as a series of requests) would look rather anomalous.
Yes. Moreover, this is cited in the author's paper as a countermeasure against the attack. The attack required them to make a series of requests to probe and then prime the serial number to the value they picked for their "colliding machine", which takes days to run.
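An added example, not part of this thread, of the kind of issuance-activity review discussed above: it flags requesters whose volume of certificate requests inside a sliding window looks like the probe-and-prime pattern, and checks whether the CA's serial numbers are sequential (and therefore predictable). The log format, account names, serial values and thresholds are all constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample issuance log (not real CA data): one record per issued
# certificate. Serials are a plain counter, the predictable pattern the
# thread describes; "probe-account" is a hypothetical subscriber name.
_START = datetime(2008, 11, 1, 9, 0)
SAMPLE_LOG = (
    [f"{(_START + timedelta(hours=i)).isoformat()} "
     f"requester=probe-account serial={1000 + i}" for i in range(40)]
    + [f"{(_START + timedelta(hours=50)).isoformat()} requester=shop-example serial=1040",
       f"{(_START + timedelta(hours=70)).isoformat()} requester=mail-example serial=1041"]
)


def parse_log(lines):
    """Parse 'ISO-timestamp requester=<id> serial=<int>' lines, sorted by time."""
    records = []
    for line in lines:
        ts, req, ser = line.split()
        records.append((datetime.fromisoformat(ts),
                        req.split("=", 1)[1], int(ser.split("=", 1)[1])))
    return sorted(records)


def burst_requesters(records, window=timedelta(hours=48), threshold=20):
    """Return {requester: peak count} for requesters exceeding `threshold`
    issuances within any sliding `window`. Priming a serial number needs a
    long run of requests from one account, which a normal subscriber lacks."""
    by_requester = defaultdict(list)
    for ts, req, _ in records:
        by_requester[req].append(ts)          # already time-ordered
    flagged = {}
    for req, times in by_requester.items():
        best, start = 0, 0
        for end, ts in enumerate(times):
            while ts - times[start] > window:  # slide the window forward
                start += 1
            best = max(best, end - start + 1)
        if best > threshold:
            flagged[req] = best
    return flagged


def serials_predictable(records):
    """True when every consecutive issuance increments the serial by exactly 1,
    so an attacker who sees one certificate can predict the next serial.
    Randomised serials make this return False."""
    serials = [s for _, _, s in records]
    return all(b - a == 1 for a, b in zip(serials, serials[1:]))
```

Running `burst_requesters(parse_log(SAMPLE_LOG))` on the constructed log flags only the probing account; a CA that randomises serials would see `serials_predictable` return False.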
What about prior discovery that occurred before all the other certificate authorities began to harden against theoretical attacks like this? MD5-based signatures and monotonically increasing certificate serial numbers used to be the rule, not the exception.
I have root certificates in my browser that are valid from 1998 to 2018. It's not so easy to verify that this attack didn't already happen 5 or even 10 years ago.
Personally I think it's extremely unlikely, especially since the chosen-prefix collision attack they used has only been public for less than two years, but how could you know for sure?
They're also using an unpublished variant of the chosen-prefix attack, which presumably is what allows them to win the weekend race to generate a collision with a predicted timestamp/serial pair.
We're also focusing on the algorithm, but not really accounting for the fact that simply owning a cluster of PS3s doesn't give you the optimized math code that generates the birthday bits during the weekend window. That code is itself presumably harder to write than any zero-day exploit.