
Crypto attack that hijacked Windows Update goes mainstream in Amazon Cloud

Discussion in 'Windows - Software discussion' started by ireland, Nov 5, 2014.

    ireland (Active member, Nov 28, 2002):

    Collision attack against widely used MD5 algorithm took 10 hours, cost just 65 cents.

    Underscoring just how broken the widely used MD5 hashing algorithm is, a software engineer racked up just 65 cents in computing fees to replicate the type of attack a powerful nation-state used in 2012 to hijack Microsoft's Windows Update mechanism.

    Nathaniel McHugh ran open source software known as HashClash to modify two separate images—one of them depicting funk legend James Brown and the other R&B singer/songwriter Barry White—that generate precisely the same MD5 hash, e06723d4961a0a3f950e7786f3766338. The exercise—known in cryptographic circles as a hash collision—took just 10 hours and cost only 65 cents plus tax to complete using a GPU instance on Amazon Web Service. In 2007, cryptography expert and HashClash creator Marc Stevens estimated it would require about one day to complete an MD5 collision using a cluster of PlayStation 3 consoles.

    The practical ability to create two separate inputs that generate the same hash is a fundamental flaw that makes MD5 unsuitable for most purposes. (The exception is password hashing. Single iteration MD5 hashing is horrible for passwords but for an entirely different reason that is outside the scope of this post.) The susceptibility to collisions can have disastrous consequences, potentially for huge swaths of the Internet.

    The Flame espionage malware, for instance, exploited the MD5 collision weakness to counterfeit the sensitive digital certificate Windows machines rely on to determine when system updates are trustworthy. The exploit allowed Flame—the espionage malware that infected Iran and other countries in the Middle East—to easily spread from one computer to another inside a local network. By presenting a counterfeit digital certificate based on the same MD5 hash as the legitimate credential, infected machines were able to hoodwink uninfected machines into accepting malicious code as if it came from Microsoft. Microsoft has since retired the use of MD5 and is in the process of phasing out SHA1, a separate hashing algorithm that is believed to be susceptible to practical collision attacks soon.
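One practical defender-side check that follows from the Flame story and Microsoft's retirement of MD5: inspect the outer signature algorithm of an X.509 certificate and flag anything still signed with MD5 or SHA-1. This is an added example, not code from the article, HashClash or Microsoft; it walks only the top-level DER structure of a certificate (tbsCertificate, signatureAlgorithm, signatureValue), and the two certificates it runs on are constructed stand-ins, not real ones.

```python
# Dotted OIDs of X.509 signature algorithms whose hash has practical (MD5) or
# expected (SHA-1) collision attacks; an MD5-signed cert is what Flame forged.
WEAK_SIG_OIDS = {
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.2.840.10045.4.1": "ecdsa-with-SHA1",
}

def _read_tlv(buf, pos):
    """Read one DER tag/length/value at buf[pos]; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                        # long form: low 7 bits = number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length

def _decode_oid(value):
    """Turn the content bytes of a DER OBJECT IDENTIFIER into dotted form."""
    arcs, acc = list(divmod(value[0], 40)), 0
    for b in value[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:                     # last byte of a base-128 arc
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))

def signature_algorithm(cert_der):
    """Dotted OID of the outer signatureAlgorithm of a DER-encoded certificate."""
    tag, cert, _ = _read_tlv(cert_der, 0)    # Certificate ::= SEQUENCE { ... }
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    _, _, pos = _read_tlv(cert, 0)           # skip tbsCertificate
    _, alg_id, _ = _read_tlv(cert, pos)      # signatureAlgorithm ::= AlgorithmIdentifier
    _, oid, _ = _read_tlv(alg_id, 0)         # its first element is the algorithm OID
    return _decode_oid(oid)

def weak_signature(cert_der):
    return WEAK_SIG_OIDS.get(signature_algorithm(cert_der))  # name, or None if acceptable

# Constructed sample input (not real certificates); short-form DER lengths only.
def _der(tag, payload):
    return bytes([tag, len(payload)]) + payload

def fake_cert(oid_bytes):  # minimal SEQUENCE { tbsCertificate, AlgorithmIdentifier, BIT STRING }
    tbs = _der(0x30, _der(0x02, b"\x01"))                  # placeholder tbsCertificate
    alg = _der(0x30, _der(0x06, oid_bytes) + b"\x05\x00")  # { OID, NULL parameters }
    sig = _der(0x03, b"\x00" + bytes(16))                  # placeholder signatureValue
    return _der(0x30, tbs + alg + sig)
MD5_RSA_CERT = fake_cert(bytes.fromhex("2a864886f70d010104"))     # md5WithRSAEncryption
SHA256_RSA_CERT = fake_cert(bytes.fromhex("2a864886f70d01010b"))  # sha256WithRSAEncryption
```

On a real certificate, pass the DER bytes (PEM decoded) to `weak_signature`; a non-None result means the chain should not be trusted for update or code-signing decisions.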
