Around 2010, a sophisticated malware known as Flame hijacked the mechanism Microsoft used to distribute updates to millions of Windows computers worldwide. Malware reportedly co-created by the US and Israel has released a malicious update to an infected network belonging to the Iranian government.
The main goal of the “Collision” attack was to exploit MD5, the cryptographic hash function that Microsoft uses to authenticate digital certificates. By forging a cryptographically perfect digital signature based on MD5, the attackers created a certificate that authenticated their malicious update server. If the attack was used more widely, it would have catastrophic consequences worldwide.
Approaching the danger zone with anxiety
Event, which appeared In 2012, the collapse of two important cryptographic algorithms that are now widely used by cryptographic engineers serves as a cautionary tale. since 2004MD5 is known to be susceptible to “collisions”, a fatal flaw that allows adversaries to create two different entries that produce identical results.
