Peaches
Posted January 20, 2009

20 January 2009, 16:06

MD5 attack on Microsoft's Authenticode

"A security expert has managed to transfer the digital signature of one Windows program to another, without invalidating the signature. Didier Stevens, who presented the attack in his blog, exploited the fact that Microsoft's Authenticode code signing standard accepts the vulnerable MD5 hash algorithm. Stevens used this to generate two programs which have identical code signatures, but behave differently.

Similar collision attacks on MD5 have already caused considerable commotion. The most prominent example is probably the work of a group of researchers who used this method to obtain a Certificate-Authority SSL certificate trusted by all common web browsers. The attack on Authenticode only requires minimal changes to the tools already available for calculating collisions. Authenticode signatures disregard file checksums and pointers to the signature of Windows program files because these change during the signing process."

Heise Security for further details: http://www.heise-online.co.uk/security/MD5...e--/news/112448
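The exclusion described at the end of the quoted article, as an added example that is not part of the original post or of Stevens' tooling: a simplified Python computation of the Authenticode digest that skips the PE CheckSum field, the Certificate Table directory entry (the pointer to the signature) and the signature data itself. It assumes a well-formed PE image hashed linearly with the certificate table at the end of the file; build_sample is a hypothetical helper that produces a constructed header-only buffer, not a real executable.

```python
import hashlib
import struct

def authenticode_skipped_ranges(pe: bytes):
    """Byte ranges (start, end) that the Authenticode digest leaves out."""
    nt = struct.unpack_from("<I", pe, 0x3C)[0]        # e_lfanew -> "PE\0\0"
    if pe[:2] != b"MZ" or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    opt = nt + 24                                      # signature + COFF header
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic")
    dirs = opt + (96 if magic == 0x10B else 112)       # PE32 vs PE32+
    cert_entry = dirs + 4 * 8                          # directory 4: Certificate Table
    cert_off, cert_size = struct.unpack_from("<II", pe, cert_entry)
    ranges = [(opt + 64, opt + 68),                    # CheckSum field
              (cert_entry, cert_entry + 8)]            # pointer to the signature
    if cert_off and cert_size:
        ranges.append((cert_off, cert_off + cert_size))  # the signature blob itself
    return sorted(ranges)

def authenticode_digest(pe: bytes, algorithm: str = "sha256") -> str:
    """Hash the image while skipping the ranges above."""
    h, pos = hashlib.new(algorithm), 0
    for start, end in authenticode_skipped_ranges(pe):
        h.update(pe[pos:start])
        pos = max(pos, end)
    h.update(pe[pos:])
    return h.hexdigest()

def build_sample(checksum: int = 0, cert: bytes = b"") -> bytes:
    """Constructed 512-byte PE32-style buffer (headers only, not runnable)."""
    pe = bytearray(0x200)
    pe[0:2] = b"MZ"
    struct.pack_into("<I", pe, 0x3C, 0x80)
    pe[0x80:0x84] = b"PE\0\0"
    struct.pack_into("<H", pe, 0x98, 0x10B)
    struct.pack_into("<I", pe, 0x98 + 64, checksum)
    pe[0x180:0x190] = b"constructed code"
    if cert:                                           # append blob, point directory at it
        struct.pack_into("<II", pe, 0x98 + 96 + 32, len(pe), len(cert))
        pe += cert
    return bytes(pe)

if __name__ == "__main__":
    unsigned = build_sample()
    signed = build_sample(checksum=0x1234, cert=b"\x30" * 64)
    print(hashlib.sha256(unsigned).hexdigest() == hashlib.sha256(signed).hexdigest())
    print(authenticode_digest(unsigned) == authenticode_digest(signed))
```

The plain SHA-256 of the two sample buffers differs while their Authenticode digest is identical, which is why file hashes recorded for a signed binary cannot be compared directly with the digest inside its signature.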