From: Mohacsi Janos
Date: Thu, 26 Aug 2004 09:34:26 +0200 (CEST)
To: Scott Gerhardt
Cc: freebsd-security@freebsd.org, Oliver Eikemeier
Subject: Re: Report of collision-generation with MD5

On Wed, 25 Aug 2004, Scott Gerhardt wrote:

>> On 18-Aug-2004 Mike Tancsa wrote:
>>> As I have no crypto background to evaluate some of the (potentially wild
>>> and erroneous) claims being made in the popular press* (eg
>>> http://news.com.com/2100-1002_3-5313655.html see quote below), one thing
>>> that comes to mind is the safety of ports. If someone can pad an archive
>>> to come up with the same MD5 hash, this would challenge the security of
>>> the FreeBSD ports system no ?
>>
>> I _believe_ answer is "no", because I _think_ the FreeBSD ports system also
>> verifies the size of the archive(s) (cat /usr/ports/any/any/distinfo to see
>> what made me think that).
>>
>> Padding would modify archive size. Finding a backdoored version that both
>> satisfy producing the same hash and being the same size is probably not
>> impossible, but how many years would it take ?
>>
>> Now, I may be wrong. Any enlightenment welcome.
>>
>> --
>> Guy
>
> Why not adopt the OpenBSD method for ports? OpenBSD supplies 3 hash/digests
> for downloaded binaries and sources. Those OpenBSD guys leave nothing to
> chance.
>
> ports/databases/postgresql] scott% cat distinfo
> MD5 (postgresql-7.3.5.tar.gz) = ef2751173050b97fad8592ce23525ddf
> RMD160 (postgresql-7.3.5.tar.gz) = 83d5f713d7bfcf3ca57fb2bcc88d052982911d73
> SHA1 (postgresql-7.3.5.tar.gz) = fbdab6ce38008a0e741f8b75e3b57633a36ff5ff

I would also opt for having (by default) additional hash algorithms. I
would prefer using the method of NetBSD: using an external program called
digest (see the security/digest port) to select the algorithms. Oliver
Eikemeier is working on a ports building infrastructure, and I think it
would be a good idea for this new infrastructure to support multiple hash
algorithms.

The easiest way would be to define a knob like PREFERED_HASH that would
list the algorithms that the system would prefer, and REQUIRED_HASH that
would be required to be checked:

- makesum should generate all the PREFERED_HASH
- fetch should fail if any of the REQUIRED_HASH failed

One additional bit: NetBSD digest should be extended to have a SIZE "hash" -
this is only for simplification of bsd.port.mk rules.

Today's setup would be:

PREFERED_HASH= MD5 SIZE
REQUIRED_HASH= MD5 SIZE (except when NO_SIZE defined)

Janos Mohacsi
Network Engineer, Research Associate
NIIF/HUNGARNET, HUNGARY
Key 00F9AF98: 8645 1312 D249 471B DBAE 21A2 9F52 0D1F 00F9 AF98
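
A sketch of the PREFERED_HASH / REQUIRED_HASH behaviour proposed in the message above, added here as an example; it is not code from this thread, from bsd.port.mk or from the NetBSD digest tool. The function names, the Python lists standing in for the make knobs, the SHA1 entry and the sample file are all assumptions made for illustration.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Knobs as in the proposal's "today" setup; this implementation is hypothetical.
PREFERED_HASH = ["MD5", "SIZE"]
REQUIRED_HASH = ["MD5", "SIZE"]
DIGESTS = {"MD5": hashlib.md5, "SHA1": hashlib.sha1}
ENTRY = re.compile(r"^(\w+) \((.+)\) = (\S+)$")  # "ALGO (file) = value"

def compute(algo, path):
    """Value of one 'hash' for a file; SIZE is handled as a pseudo-hash."""
    data = Path(path).read_bytes()
    return str(len(data)) if algo == "SIZE" else DIGESTS[algo](data).hexdigest()

def makesum(path, preferred=PREFERED_HASH):
    """Emit one distinfo line per algorithm listed in PREFERED_HASH."""
    return "".join(f"{a} ({Path(path).name}) = {compute(a, path)}\n" for a in preferred)

def verify(path, distinfo, required=REQUIRED_HASH):
    """Return the REQUIRED_HASH entries that failed; an empty list means pass."""
    recorded = {m.group(1): m.group(3).lower()
                for m in map(ENTRY.match, distinfo.splitlines())
                if m and m.group(2) == Path(path).name}
    failed = []
    for algo in required:
        # A required algorithm that is missing from distinfo or unsupported
        # counts as a failure, so dropping a line cannot weaken the check.
        ok = algo in recorded and (algo == "SIZE" or algo in DIGESTS)
        if not ok or compute(algo, path) != recorded[algo]:
            failed.append(algo)
    return failed

def demo():
    """Constructed sample: clean file, same-size edit, padded file, no SIZE line."""
    algos = ["MD5", "SHA1", "SIZE"]
    with tempfile.TemporaryDirectory() as d:
        f = Path(d) / "sample-1.0.tar.gz"
        f.write_bytes(b"original distfile contents")
        distinfo = makesum(f, algos)
        clean = verify(f, distinfo, algos)
        f.write_bytes(b"0riginal distfile contents")  # same length, new bytes
        edited = verify(f, distinfo, algos)
        f.write_bytes(b"original distfile contents" + b"\0" * 8)  # padded
        padded = verify(f, distinfo, algos)
        no_size = verify(f, makesum(f, ["MD5"]), ["MD5", "SIZE"])
    return clean, edited, padded, no_size
```

The padded case trips SIZE as well as the digests, which is the property the quoted reply relies on; the same-size edit shows that SIZE alone catches nothing, so it only complements the digests in REQUIRED_HASH.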