(New Scientist) The recently discovered computer worm Flame could have been created only by "world-class" cryptographers, say experts in the field who have discovered that the malware uses a previously unseen cryptographic attack.
Flame installs itself on a target computer by hijacking the Windows Update system. Normal updates are signed with a digital certificate that verifies their origin, but Flame's creators were able to fake their own certificate.
Such certificates are signed by a hash algorithm that converts any digital data into a short sequence of characters. It isn't possible to recover the original data from this sequence, but it can be used to verify it, allowing the hash sequence to act as a virtual "signature". Crucially, it should be very difficult to discover two pieces of data that convert to the same hash sequence - otherwise someone can perform a "collision attack", generating a spoof hash sequence without knowing the original data.
Advertisement - story continues below