PDA

View Full Version : Crypto breakthrough shows Flame was designed by world-class scientists


News
06-08-12, 05:20 AM
http://cdn.arstechnica.net/wp-content/uploads/2012/06/collision_attack_overview.png An overview of a chosen-prefix collision
Marc Stevens (http://marc-stevens.nl/research/papers/IJACT12-StLdW.pdf)


Flame



Flame's "god mode cheat code" wielded to hijack Windows 7, Server 2008 (Updated) (http://arstechnica.com/security/2012/06/flames-god-mode-cheat-code-wielded-to-hijack-windows-7-server-2008/)
Flame malware wielded rare "collision" crypto attack against Microsoft (http://arstechnica.com/security/2012/06/flame-wields-rare-collision-crypto-attack/)
Flame malware hijacks Windows Update to spread from PC to PC (http://arstechnica.com/security/2012/06/flame-malware-hijacks-windows-update-to-propogate/)
Iran-targeting Flame malware used huge network to steal blueprints (http://arstechnica.com/security/2012/06/flame-espionage-malware-used-huge-network-to-steal-blueprints/)
Spy software's Bluetooth capability allowed stalking of Iranian victims (http://arstechnica.com/security/2012/06/spy-softwares-bluetooth-capabilty-allowed-stalk-of-iranian-victims/)

The Flame espionage malware that infected computers in Iran achieved mathematic breakthroughs that could only have been accomplished by world-class cryptographers, two of the world's foremost cryptography experts said.

"We have confirmed that Flame uses a yet unknown MD5 chosen-prefix collision attack," Marc Stevens and B.M.M. de Weger wrote in an e-mail posted to a cryptography discussion group (http://www.mail-archive.com/cryptography@randombit.net/msg02928.html) earlier this week. "The collision attack itself is very interesting from a scientific viewpoint, and there are already some practical implications."

"Collision" attacks, in which two different sources of plaintext generate identical cryptographic hashes, have long been theorized. But it wasn't until late 2008 that a team of researchers made one truly practical. By using a bank of 200 PlayStation 3 consoles to find collisions in the MD5 algorithm‚??and exploiting weaknesses in the way secure sockets layer certificates were issued‚??they constructed a rogue certificate authority (http://arstechnica.com/security/2008/12/theoretical-attacks-yield-practical-attacks-on-ssl-pki/) that was trusted by all major browsers and operating systems. Stevens, from the Centrum Wiskunde & Informatica in Amsterdam, and de Wegwer, of the Technische Universiteit Eindhoven (http://www.tue.nl/) were two of the driving forces behind the research that made it possible.

Read more (http://arstechnica.com/security/2012/06/flame-crypto-breakthrough/) | Comments (http://arstechnica.com/security/2012/06/flame-crypto-breakthrough/?comments=1#comments-bar)



http://feeds.feedburner.com/~ff/arstechnica/index?i=daIWueQa4sE:Dq6lq6HwD4Q:V_sGLiPBpWU (http://feeds.arstechnica.com/~ff/arstechnica/index?a=daIWueQa4sE:Dq6lq6HwD4Q:V_sGLiPBpWU) http://feeds.feedburner.com/~ff/arstechnica/index?i=daIWueQa4sE:Dq6lq6HwD4Q:F7zBnMyn0Lo (http://feeds.arstechnica.com/~ff/arstechnica/index?a=daIWueQa4sE:Dq6lq6HwD4Q:F7zBnMyn0Lo) http://feeds.feedburner.com/~ff/arstechnica/index?d=qj6IDK7rITs (http://feeds.arstechnica.com/~ff/arstechnica/index?a=daIWueQa4sE:Dq6lq6HwD4Q:qj6IDK7rITs) http://feeds.feedburner.com/~ff/arstechnica/index?d=yIl2AUoC8zA (http://feeds.arstechnica.com/~ff/arstechnica/index?a=daIWueQa4sE:Dq6lq6HwD4Q:yIl2AUoC8zA)
http://feeds.feedburner.com/~r/arstechnica/index/~4/daIWueQa4sE

More... (http://feeds.arstechnica.com/~r/arstechnica/index/~3/daIWueQa4sE/)