[cryptography] Microsoft Sub-CA used in malware signing

Florian Weimer fw at deneb.enyo.de
Sun Jun 10 16:03:07 EDT 2012

* Marsh Ray:

> Marc Stevens and B.M.M. de Weger (of
> http://www.win.tue.nl/hashclash/rogue-ca/) have been looking at the
> collision in the evil CN=MS cert. I'm sure they'll have a full report
> at some point. Until then, they have said this:

>> [We] have confirmed that flame uses a yet unknown md5 chosen-prefix
>> collision attack.

Does this mean they've seen the original certificate in addition to
the evil twin?

Until then, there is another explanation besides an advance in
cryptanalysis.  Just saying. 8-)

More information about the cryptography mailing list