Go Back   nV News Forums > General Forums > Archived News Items

Newegg Daily Deals

Thread Tools
Old 06-05-12, 04:00 AM   #1
Registered User
Join Date: Jun 2009
Posts: 55,369
Post Flame malware wielded rare "collision" crypto attack against Microsoft


Attackers behind espionage software that infected Iranian computers targeted hard-to-exploit weaknesses in a cryptographic algorithm, a feat that allowed them to counterfeit a Microsoft digital credential, a member of the company's security team said.

Details of the "cryptographic collision attack," which came in a blog post published Monday afternoon, are the latest testament to the skill and sophistication that went into engineering the Flame malware. While theoretical, collision exploits in real-world attacks are virtually unheard of. As a 2008 attack on the MD5 cryptographic algorithm demonstrated, collision attacks require huge amounts of computing power, even when exploiting decades-old hashing functions. To pull it off, researchers had to wield the power of 200 PlayStation 3 gaming consoles.

Cryptographic algorithms are used to transform words, documents, or computer files into ciphertext that can never be converted back to their original form. These hash functions are used to digitally sign e-mails, ensure documents haven't been tampered with, and verify that software and software updates available online originated with a particular person or group. The integrity of the entire system relies on each unique piece of plaintext generating a unique string of ciphertext. The ability for someone to find a collision, in which two different plaintext sources generate the same ciphertext, completely undermines the system, since it relies on the plaintext remaining secret and unique.

Read more | Comments

News is offline   Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Iran-targeting Flame malware used huge network to steal blueprints News Archived News Items 0 06-04-12 04:20 PM

All times are GMT -5. The time now is 11:15 PM.

Powered by vBulletin® Version 3.7.1
Copyright ©2000 - 2015, Jelsoft Enterprises Ltd.
Copyright 1998 - 2014, nV News.