{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T08:42:47Z","timestamp":1743151367819,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":31,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783662487990"},{"type":"electronic","value":"9783662488003"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-662-48800-3_24","type":"book-chapter","created":{"date-parts":[[2015,11,26]],"date-time":"2015-11-26T07:12:21Z","timestamp":1448521941000},"page":"586-611","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Reverse-Engineering of the Cryptanalytic Attack Used in the Flame Super-Malware"],"prefix":"10.1007","author":[{"given":"Max","family":"Fillinger","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Marc","family":"Stevens","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2015,12,30]]},"reference":[{"key":"24_CR1","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4613-9314-6","volume-title":"Differential Cryptanalysis of the Data Encryption Standard","author":"E Biham","year":"1993","unstructured":"Biham, E., Shamir, A.: Differential Cryptanalysis of the Data Encryption Standard. Springer-Verlag, London (1993)"},{"key":"24_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"293","DOI":"10.1007\/3-540-48285-7_26","volume-title":"Advances in Cryptology - EUROCRYPT \u201993","author":"B Boer den","year":"1994","unstructured":"den Boer, B., Bosselaers, A.: Collisions for the compression function of MD-5. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 293\u2013304. Springer, Heidelberg (1994)"},{"key":"24_CR3","series-title":"Lecture Notes in Computer Science","volume-title":"Advances in Cryptology - CRYPTO 1989","year":"1990","unstructured":"Brassard, G. (ed.): CRYPTO 1989. LNCS, vol. 435. Springer, Heidelberg (1990)"},{"key":"24_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11935230_1","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2006","author":"C Canni\u00e8re De","year":"2006","unstructured":"De Canni\u00e8re, C., Rechberger, C.: Finding SHA-1 characteristics: general results and applications. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 1\u201320. Springer, Heidelberg (2006)"},{"key":"24_CR5","doi-asserted-by":"crossref","unstructured":"Damg\u00e5rd, I.: A design principle for hash functions. In: Brassard [3], pp. 416\u2013427","DOI":"10.1007\/0-387-34805-0_39"},{"key":"24_CR6","unstructured":"Dobbertin, H.: The Status of MD5 After a Recent Attack. RSA CryptoBytes, 2(2) (1996)"},{"key":"24_CR7","unstructured":"Hawkes, P., Paddon, M., Rose, G.G.: Musings on the Wang et al. MD5 Collision. Cryptology ePrint Archive, Report 2004\/264 (2004)"},{"key":"24_CR8","unstructured":"Hashclash project webpage. \n                      http:\/\/code.google.com\/p\/hashclash"},{"key":"24_CR9","unstructured":"Klima, V.: Finding MD5 Collisions on a Notebook PC Using Multi-message Modifications. Cryptology ePrint Archive, Report 2005\/102 (2005)"},{"key":"24_CR10","unstructured":"Klima, V.: Tunnels in Hash Functions: MD5 Collisions Within a Minute. Cryptology ePrint Archive, Report 2006\/105 (2006)"},{"key":"24_CR11","unstructured":"CrySyS Lab: sKyWIper (a.k.a. Flame a.k.a. Flamer): A complex malware for targeted attacks. Laboratory of Cryptography and System Security, Budapest University of Technology and Economics, 31 May 2012"},{"key":"24_CR12","unstructured":"Kaspersky Lab: The Flame: Questions and Answers. Securelist blog, 28 May 2012"},{"key":"24_CR13","unstructured":"Liang, J., Lai, X.: Improved Collision Attack on Hash Function MD5. Cryptology ePrint Archive, Report 2005\/425 (2005)"},{"key":"24_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"144","DOI":"10.1007\/978-3-642-10366-7_9","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2009","author":"F Mendel","year":"2009","unstructured":"Mendel, F., Rechberger, C., Schl\u00e4ffer, M.: MD5 is weaker than weak: attacks on concatenated combiners. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 144\u2013161. Springer, Heidelberg (2009)"},{"key":"24_CR15","doi-asserted-by":"crossref","unstructured":"Merkle, R.C.: One Way Hash Functions and DES. In: Brassard [3], pp. 428\u2013446","DOI":"10.1007\/0-387-34805-0_40"},{"key":"24_CR16","unstructured":"Microsoft: Flame malware collision attack explained. Security Research and Defense, Microsoft TechNet Blog, 6 June 2012"},{"key":"24_CR17","unstructured":"Microsoft: Microsoft certification authority signing certificates added to the Untrusted Certificate Store. Security Research and Defense, Microsoft TechNet Blog, 3 June 2012"},{"issue":"1","key":"24_CR18","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/PL00003816","volume":"12","author":"PC Oorschot van","year":"1999","unstructured":"van Oorschot, P.C., Wiener, M.J.: Parallel collision search with cryptanalytic applications. J. Cryptol. 12(1), 1\u201328 (1999)","journal-title":"J. Cryptol."},{"key":"24_CR19","unstructured":"Nakashima, E., Miller, G., Tate, J.: U.S., Israel developed Flame computer virus to slow Iranian nuclear efforts, officials say. The Washington Post, June 2012"},{"key":"24_CR20","unstructured":"Ray, M.: Flame\u2019s Windows Update Certificate Chain. Randombit Cryptography Mailing List, June 2012. \n                      http:\/\/lists.randombit.net\/pipermail\/cryptography\/2012-June\/002969.html"},{"key":"24_CR21","doi-asserted-by":"crossref","unstructured":"Rivest, R.L.: The MD5 Message-Digest Algorithm. Internet Request for Comments, RFC 1321, April 1992","DOI":"10.17487\/rfc1321"},{"key":"24_CR22","unstructured":"Sasaki, Y., Naito, Y., Kunihiro, N., Ohta, K.: Improved Collision Attack on MD5. Cryptology ePrint Archive, Report 2005\/400 (2005)"},{"key":"24_CR23","unstructured":"Sotirov, A.: Analyzing the MD5 collision in Flame, June 2012"},{"key":"24_CR24","unstructured":"Stevens, M.: Fast Collision Attack on MD5. Cryptology ePrint Archive, Report 2006\/104 (2006)"},{"key":"24_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1007\/978-3-642-40041-4_8","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"M Stevens","year":"2013","unstructured":"Stevens, M.: Counter-cryptanalysis. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 129\u2013146. Springer, Heidelberg (2013)"},{"key":"24_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-72540-4_1","volume-title":"Advances in Cryptology - EUROCRYPT 2007","author":"M Stevens","year":"2007","unstructured":"Stevens, M., Lenstra, A.K., de Weger, B.: Chosen-prefix collisions for MD5 and colliding X.509 certificates for different identities. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 1\u201322. Springer, Heidelberg (2007)"},{"key":"24_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"55","DOI":"10.1007\/978-3-642-03356-8_4","volume-title":"Advances in Cryptology - CRYPTO 2009","author":"M Stevens","year":"2009","unstructured":"Stevens, M., Sotirov, A., Appelbaum, J., Lenstra, A., Molnar, D., Osvik, D.A., de Weger, B.: Short chosen-prefix collisions for MD5 and the creation of a rogue CA certificate. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 55\u201369. Springer, Heidelberg (2009)"},{"key":"24_CR28","unstructured":"Wang, X., Feng, D., Lai, X., Yu, H.: Collisions for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD. Cryptology ePrint Archive, Report 2004\/199 (2004)"},{"key":"24_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/11426639_2","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","author":"X Wang","year":"2005","unstructured":"Wang, X., Yu, H.: How to break MD5 and other Hash functions. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19\u201335. Springer, Heidelberg (2005)"},{"key":"24_CR30","unstructured":"Xie, T., Feng, D.: How To Find Weak Input Differences for MD5 Collision Attacks. Cryptology ePrint Archive, Report 2009\/223 (2009)"},{"key":"24_CR31","unstructured":"Yajima, J., Shimoyama, T.: Wang\u2019s sufficient conditions of MD5 are not sufficient. Cryptology ePrint Archive, Report 2005\/263 (2005)"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 ASIACRYPT 2015"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-662-48800-3_24","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,11,27]],"date-time":"2019-11-27T20:14:43Z","timestamp":1574885683000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-662-48800-3_24"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783662487990","9783662488003"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-662-48800-3_24","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"30 December 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}