Date: Thu, 26 Aug 2004 09:34:26 +0200 (CEST) From: Mohacsi Janos <mohacsi@niif.hu> To: Scott Gerhardt <scott@g-it.ca> Cc: Oliver Eikemeier <eikemeier@fillmore-labs.com> Subject: Re: Report of collision-generation with MD5 Message-ID: <20040826091143.S63227@mignon.ki.iif.hu> In-Reply-To: <40BEB77B-F6E3-11D8-B9B9-000393801C60@g-it.ca> References: <XFMail.20040825215150.guy@device.dyndns.org> <40BEB77B-F6E3-11D8-B9B9-000393801C60@g-it.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 25 Aug 2004, Scott Gerhardt wrote: > >> >> On 18-Aug-2004 Mike Tancsa wrote: >>> As I have no crypto background to evaluate some of the (potentially wild >>> and erroneous) claims being made in the popular press* (eg >>> http://news.com.com/2100-1002_3-5313655.html see quote below), one thing >>> that comes to mind is the safety of ports. If someone can pad an archive >>> to come up with the same MD5 hash, this would challenge the security of >>> the FreeBSD ports system no ? >> >> I _believe_ answer is "no", because i _think_ the FreeBSD ports system also >> verify the size of the archive(s) (cat /usr/ports/any/any/distinfo to see >> what made me think that). >> >> Padding would modify archive size. Finding a backdoored version that both >> satisfy producing the same hash and being the same size is probably not >> impossible, but how many years would it take ? >> >> >> Now, i may be wrong. Any enlightement welcome. >> >> -- >> Guy >> _______________________________________________ >> > > Why not adopt the OpenBSD method for ports. OpenBSD supplies 3 hash/digests > for downloaded binaries and sources. Those OpenBSD guys leave nothing to > chance. > > ports/databases/postgresql] scott% cat distinfo > MD5 (postgresql-7.3.5.tar.gz) = ef2751173050b97fad8592ce23525ddf > RMD160 (postgresql-7.3.5.tar.gz) = 83d5f713d7bfcf3ca57fb2bcc88d052982911d73 > SHA1 (postgresql-7.3.5.tar.gz) = fbdab6ce38008a0e741f8b75e3b57633a36ff5ff I would also opt for having (by default) additional hash algorithms. I would prefer using method of NetBSD: using an external program called digest ( see security/digest port) to select the algorithms. Oliver Eikemeier is working a ports building infrastructure and I think it would be a good idea to this new infrastructure would support multiple hash algorithm. The most easiest way would be to define a knob like PREFERED_HASH that would list the algorithms that system would prefer, and REQUIRED_HASH that would be required to checked: - makesum should generate all the PREFERED_HASH - fetch should fail if any of the REQUIRED_HASH failed additional bit to NetBSD digest should be extended to have SIZE "hash" - this is only for simplification of bsd.port.mk rules. Today setup would be: PREFERED_HASH= MD5 SIZE REQUIRED_HASH= MD5 SIZE (except when NO_SIZE defined) Janos Mohacsi Network Engineer, Research Associate NIIF/HUNGARNET, HUNGARY Key 00F9AF98: 8645 1312 D249 471B DBAE 21A2 9F52 0D1F 00F9 AF98
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040826091143.S63227>