On Sep 1, 2013, at 10:35 PM, James A. Donald wrote:
>> Meanwhile, on the authentication side, Stuxnet provided evidence that the 
>> secret community *does* have capabilities (to conduct a collision attacks) 
>> beyond those known to the public - capabilities sufficient to produce fake 
>> Windows updates.
> Do we know they produced fake windows updates without assistance from 
> Microsoft?
For some version of "know".  From 

"Microsoft released an emergency Windows update on Sunday after revealing that 
one of its trusted digital signatures was being abused to certify the validity 
of the Flame malware that has infected computers in Iran and other Middle 
Eastern Countries.

The compromise exploited weaknesses in Terminal Server, a service many 
enterprises use to provide remote access to end-user computers. By targeting an 
undisclosed encryption algorithm Microsoft used to issue licenses for the 
service, attackers were able to create rogue intermediate certificate 
authorities that contained the imprimatur of Microsoft's own root authority 
certificate—an extremely sensitive cryptographic seal. Rogue intermediate 
certificate authorities that contained the stamp were then able to trick 
administrators and end users into trusting various Flame components by falsely 
certifying they were produced by Microsoft....

Based on the language in Microsoft's blog posts, it's impossible to rule out 
the possibility that at least one of the certificates revoked in the update was 
... created using [previously reported] MD5 weaknesses [which allowed collision 
attacks]. Indeed, two of the underlying credentials used MD5, while the third 
used the more advanced SHA-1 algorithm. In a Frequently Asked Questions section 
of Microsoft Security Advisory (2718704), Microsoft's security team also said: 
"During our investigation, a third Certificate Authority has been found to have 
issued certificates with weak ciphers." The advisory didn't elaborate."

                                                        -- Jerry

The cryptography mailing list

Reply via email to