Flame: design required world-class cryptanalysis

RobertKaucherRobertKaucher Member Posts: 4,299 ■■■■■■■■■■
Some of you guys suggested Flame was nothing special a few weeks ago. I disagreed but kept relatively silent. Here is an indication of why Flame is such a big deal:
CWI cryptanalyst discovers new cryptographic attack variant in Flame spy malware | CWI Amsterdam | Research in mathematics and computer science
FLAME design required world-class cryptanalysis: an as yet unknown variant cryptographic collision attack was revealed by a novel forensic tool, developed by Marc Stevens from the Centrum Wiskunde & Informatica (CWI) in Amsterdam. Marc Stevens is currently Scientific Staff Member in the Cryptology Group of prof. dr. Ronald Cramer at CWI. Marc’s research focuses on the cryptanalysis of cryptographic hash function standards.

This is not something a few highly skilled hackers employed by the Russian mafia could come up with.

Comments

  • tpatt100tpatt100 Member Posts: 2,991 ■■■■■■■■■□
    I love reading about this stuff.

    Ok they should make a movie about this, starring Matt Damon and Tom Cruise with his IMF team.
  • tpatt100tpatt100 Member Posts: 2,991 ■■■■■■■■■□
    What nobody else is turned on by this stuff? This is like geek pron for me, can't stop talking about it at work.
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    In defense of those of us who said it was nothing special, I for one was speaking to the methods it used to spread and infect. Definitely a highly financed team worked on it and as far as I can tell (given some of the analysis) there were probably a series of teams. Seems a lot of people were some how surprised of how high targeted it was.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • onesaintonesaint Member Posts: 801
    So essentially, any government or Uni with a super skilled set of world class cryptographers (ahem, dvd-jon) could have drummed this up based on the previous written chosen-prefix collision attack. Since Microsoft didn't fix the MD5 signature hole back in 2009 the new Flame malware worked wonderfully, 4 years later.
    This attack avenue was essentially open to any knowledgeable attackers since June 2009, when, under the belief that MD5-based signatures had indeed been disallowed, we made the program sources for a chosen-prefix collision attack publicly available.
    Work in progress: picking up Postgres, elastisearch, redis, Cloudera, & AWS.
    Next up: eventually the RHCE and to start blogging again.

    Control Protocol; my blog of exam notes and IT randomness
  • RobertKaucherRobertKaucher Member Posts: 4,299 ■■■■■■■■■■
    Yes! But no one did it (to our knowledge). It's important that Marc Steven's method was not the method that was used. Why those certs were not revoked.... well, who knows. I suppose there could be a conspiracy theory saying the they were approached by the NSA and asked not to and this gave them deniability. More than likely it was just a stupid mistake. I imagine that the method that was used to do this has been around since BEFORE Marc Steven's method discussed in the article. Probably it was developed in conjunction with StuxNet - so before 2007.
  • tpatt100tpatt100 Member Posts: 2,991 ■■■■■■■■■□
    So some group found a vulnerability and did not disclose it to use for their own advantage, somebody else "finds" the vulnerability a couple of years later, goes public but come to find out they were not the first?
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    A true conspiracy theory that I think holds a lot of water (along the lines of what Robert said) actually really involves the National Guard/Reserves. Specifically, in the National Guard and Reserves there are cyber units based throughout the country. First, look at the locations of two of these units: Army Reserve has one located right around Carnegie Mellon. Who happens to have an office around the same location? Google. The Air National Guard has a cyber unit in Washington State (262d Network Warfare Squadron) and where abouts do you think it is close to? Air Force Draws Weekend Cyberwarriors From Microsoft, Cisco

    I recall reading an article years back where several countries complained that we were using American workers for cyber operations. Makes a lot of sense that these units (which in theory would consist of engineers and programmers from the top tech companies) were perhaps used to make these viruses. Obviously, it's not a weekend warrior kind of gig, but there is nothing to stop the government from activating these units and get the ball rolling. Or at the very least, keep them in the loop and make sure things go according the the plan.

    All that being said, probably too many hands in the pie for that to be the case. They farmed this out to a few defense contractors, each writing a different piece of the puzzle and then put it all together. Is it a nice piece of malware? Sure. Was it advanced for the time? Sure. But in today's world, the vectors and what it did are nothing new.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • RobertKaucherRobertKaucher Member Posts: 4,299 ■■■■■■■■■■
    the_Grinch wrote: »
    ... the vectors and what it did are nothing new.
    And by that standard nothing in fact is new.
  • onesaintonesaint Member Posts: 801
    Well, to some extent that is true. The MD5 issue with MS goes back to 2007. This could have been avoided with a step up in cryptographic signatures.

    But when I dawn my tin foil hat, MS knew about this and the USAF told them not to close the hole, so it could be exploited some 5 years later.

    Hat off, I think Robert is pointing at the cryptographic methods as being new and not so much the attack in general.
    Work in progress: picking up Postgres, elastisearch, redis, Cloudera, & AWS.
    Next up: eventually the RHCE and to start blogging again.

    Control Protocol; my blog of exam notes and IT randomness
  • phoeneousphoeneous Member Posts: 2,333 ■■■■■■■□□□
    Hacking is cool.
  • kalkan999kalkan999 Member Posts: 269 ■■■■□□□□□□
    For those of us who prefer to think this was not an act performed by a Nation State with resources unavailable to others, consider the following:
    - the obscurity of the programming language used but around since the 1980's.
    - The fact that the language used was the same as that used to create Angry Birds.
    - that it fooled Deep Packet Inspections conducted by Application Based Firewalls.
    - that it was performed by teams as suggested by grinch is plausible, as some parts of this were not compiled. Maybe a tactic to deny that a nation state would not be so sloppy
    - Plausible Deniablity by Microsoft BECAUSE of the 2009 MD5 Fiasco
    - ALL 80 domains affiliated with FLAME went down one hour after Kapersky labs listed 'Wiper.'
    - That it is a TRUE Man in The Middle threat that used Digital Certificate of Microsoft Terminal Services, and other Micosoft products listed as trusted under CA.
    - It specifically targeted systems well known as adversaries of a particular nation-state
    - that its method of delivery is still not fully known, but that its signature dates back to 2008.
    - that its language is such that its database and operations are compatable with other languages
    - Most of the programmers known to be proficient in this language (lua) are Brazilian, with some Northern Europeans thrown in, and none so far were in a position to, or were supposedly capable of creating malware to such an extent
    - All of the 80 domains registered provided false addresses from all over the world, Dr's offices in Vienna, Children''s library in Sweden, etc. None of these offices were infected, nor were their computers determined to be Zombies.
    - Infected systems where malicious activity occurred showed a SIGNIFICANT decrease in outgoing packets now suspected of sending info to sites during lunchtime between 1100 and 1300 EST US, and another significant drop between 1700-1800 EST (shift change) and again between 2330 and 0100, which suggests a 24 hour operation from an Advanced Threat.
    - that FLAME references words like, Carl, Vincent, Slept, etc., repeatedly
    - WIndows 7 in 64 bit mode seems to be effective against FLAME
    - That China ONLY agreed to buy and use Microsoft Operating Systems (XP, VISTA, 2003) if Microsoft agreed to provide some 4 million lines of their OS code available that they believed might otherwise compromise their security posture. Microsoft agreed, by the way. Reports indicate that vulnerabilities seem to come from Microsoft updates that were not related to the source code made available to China.
Sign In or Register to comment.