[cryptography] Microsoft Sub-CA used in malware signing

Marsh Ray marsh at extendedsubset.com
Wed Jun 6 14:46:31 EDT 2012


Microsoft just released more info:
> http://blogs.technet.com/b/srd/archive/2012/06/06/more-information-about-the-digital-certificates-used-to-sign-the-flame-malware.aspx

It turns out that this:

> echo '30 1a 06 08 2b 06 01 04 01 82 37 12 01 01 ff 04 0b 16 09 54 4c
> 53 7e 42 41 53 49 43'|xxd -r -p|openssl asn1parse -dump -inform der
> 0:d=0 hl=2 l= 26 cons: SEQUENCE
> 2:d=1 hl=2 l= 8 prim: OBJECT :1.3.6.1.4.1.311.18 <-- a MS Terminal
> Services licensing specific OID
> 12:d=1 hl=2 l= 1 prim: BOOLEAN :255  <-- "critical" attribute
> 15:d=1 hl=2 l= 11 prim: OCTET STRING
> 0000 - 16 09 54 4c 53 7e 42 41-53 49 43 ..TLS~BASIC

The fact that this custom OID was marked critical was in fact the sole 
reason that the attackers needed to do an MD5 collision at all.

- Marsh



More information about the cryptography mailing list