
January 17th, 2009

Researcher generates executable MD5 collisions with Authenticode signed binary

Posted by Adam O'Donnell @ 9:55 am

Categories: Anti Virus, Complex Attacks, Malware, Research, Viruses and Worms

Tags: Researcher, Authenticode, Adam O'Donnell

We have heard quite a bit recently about the dangers of using MD5, a now-broken cryptographic hash routine, for determining the validity of SSL certificates. Today we see that a researcher has taken a major step in generating malicious software whose signature matches that of an Authenticode-signed binary.

Researcher Didier Stevens has shown that the technique described by Peter Selinger for generating pairs of executables with the same MD5 hash can be used to generate pairs of executables which are also signed using Microsoft’s Authenticode program. This technique would allow a malicious individual to create a driver that has been validated as correct and signed by Microsoft but is actually malicious.

Much like the SSL issue, the scope of the problem is limited, as the default mechanism for Authenticode signing is actually SHA-1 and not MD5. Nevertheless, the developments in hash collision generation are particularly disturbing when it comes to executables. I am concerned that at some point, an individual will be able to generate hash collisions between malware and popular legitimate software, allowing them to evade signature-based anti-virus systems and have the software validate against binary whitelisting services.

That would officially be a “bad day.”
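Since the exposure described above depends on a signature using MD5 rather than the SHA-1 default, a defender can audit which digest algorithm each signed binary declares. The following is an added example, not code from the original post or from Stevens' or Selinger's work: it reads only the `digestAlgorithms` field of a DER-encoded PKCS#7 blob in the PE certificate table and does not verify the signature. All function names are this example's own, and `constructed_pe` builds a constructed stub for demonstration.

```python
import struct

DIGEST_OIDS = {bytes.fromhex("2a864886f70d0205"): "md5",   # standard OIDs as DER bytes
               bytes.fromhex("2b0e03021a"): "sha1",
               bytes.fromhex("608648016503040201"): "sha256"}

def read_tlv(buf, pos):  # -> (value_start, value_end) of the DER element at pos
    length, pos = buf[pos + 1], pos + 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return pos, pos + length

def signature_digests(pkcs7):  # names listed in SignedData.digestAlgorithms
    pos, _ = read_tlv(pkcs7, 0)            # ContentInfo SEQUENCE
    _, pos = read_tlv(pkcs7, pos)          # skip contentType OID
    pos, _ = read_tlv(pkcs7, pos)          # [0] EXPLICIT wrapper
    pos, _ = read_tlv(pkcs7, pos)          # SignedData SEQUENCE
    _, pos = read_tlv(pkcs7, pos)          # skip version INTEGER
    pos, end = read_tlv(pkcs7, pos)        # digestAlgorithms SET
    names = []
    while pos < end:
        alg, pos = read_tlv(pkcs7, pos)    # AlgorithmIdentifier SEQUENCE
        oid = pkcs7[slice(*read_tlv(pkcs7, alg))]
        names.append(DIGEST_OIDS.get(oid, "oid:" + oid.hex()))
    return names

def authenticode_digests(pe):  # one digest list per PKCS#7 certificate-table entry
    pe_off = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[:2] != b"MZ" or pe[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    opt = pe_off + 24                      # optional header; magic 0x20B marks PE32+
    sec = opt + (144 if pe[opt:opt + 2] == b"\x0b\x02" else 128)
    off, size = struct.unpack_from("<II", pe, sec)  # security dir: file offset, size
    found, end = [], off + size
    while off and off + 8 <= end:
        length, _rev, ctype = struct.unpack_from("<IHH", pe, off)
        if ctype == 0x0002:                # WIN_CERT_TYPE_PKCS_SIGNED_DATA
            found.append(signature_digests(pe[off + 8:off + length]))
        off += max(8, (length + 7) & ~7)   # entries are 8-byte aligned
    return found

def constructed_pe(oid):  # constructed PE32 stub, fake PKCS#7 header, no real signature
    t = lambda tag, body: bytes([tag, len(body)]) + body
    p7 = t(0x30, t(0x06, bytes.fromhex("2a864886f70d010702")) + t(0xA0, t(
        0x30, b"\x02\x01\x01" + t(0x31, t(0x30, t(0x06, oid) + b"\x05\x00")))))
    hdr = bytearray(0x40 + 24 + 224)
    hdr[:2], hdr[0x3C], hdr[0x40:0x44], hdr[88:90] = b"MZ", 0x40, b"PE\0\0", b"\x0b\x01"
    struct.pack_into("<II", hdr, 216, len(hdr), 8 + len(p7))
    return bytes(hdr) + struct.pack("<IHH", 8 + len(p7), 0x0200, 2) + p7
```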

Adam J. O'Donnell, Ph.D. is an R&D engineer who has focused on computer security since 2000. He currently is the Director of Emerging Technologies at Cloudmark, a messaging security company located in San Francisco. See his full profile and disclosure of his industry affiliations.
