Around 2010, sophisticated malware called Flame hijacked the mechanism Microsoft used to distribute updates to millions of Windows computers around the world. The malware, reportedly jointly developed by the US and Israel, inserted a malicious update into an infected network belonging to the Iranian government.
The main cause of the “collision” attack was the exploitation of MD5, a cryptographic hash function that Microsoft was using to authenticate digital certificates. By creating a cryptographically perfect digital signature based on MD5, the attackers created a certificate that authenticated their malicious update server. Had the attack been used more widely, it would have had devastating consequences worldwide.
getting uncomfortably close to the danger zone
This incident, which occurred in 2012, now serves as a warning to cryptography engineers as they consider the collapse of two important cryptography algorithms used everywhere. Since 2004, MD5 has been known to be vulnerable to “collision”, a fatal flaw that allows adversaries to generate two different inputs that produce the same output.
Read full article
notes
<a href