From owner-freebsd-security@FreeBSD.ORG Thu Aug 26 08:54:27 2004
Date: Thu, 26 Aug 2004 18:53:52 +1000 (EST)
From: Neo-Vortex
To: Peter Jeremy
cc: freebsd-security@freebsd.org
Subject: Re: Report of collision-generation with MD5
In-Reply-To: <20040826080811.GQ423@cirb503493.alcatel.com.au>
Message-ID: <20040826185123.F15778@Neo-Vortex.Ath.Cx>
References: <6.1.2.0.0.20040818141732.04a6e060@64.7.153.2> <20040825201640.GB25259@odin.ac.hmc.edu> <20040826080811.GQ423@cirb503493.alcatel.com.au>

On Thu, 26 Aug 2004, Peter Jeremy wrote:
> On Wed, 2004-Aug-25 13:16:40 -0700, Brooks Davis wrote:
> >On Wed, Aug 25, 2004 at 09:51:50PM +0200, guy@device.dyndns.org wrote:
> >> I _believe_ the answer is "no", because I _think_ the FreeBSD ports system also
> >> verifies the size of the archive(s) (cat /usr/ports/any/any/distinfo to see
> >> what made me think that).
>
> I don't believe the size adds much security.

It makes it harder for the person, it limits them in what they can do, and it also picks up files whose download was interrupted...

> >Paranoia might suggest adding support for multiple hashes which would
> >vastly increase the difficulty of finding a collision
>
> I'd agree with this. Identifying suitable hashes is a more difficult task.

sha-1? rmd160?

> >Hmm, one thing to think about might be making sure the various archive
> >formats are hard to pad with junk. I think the stream based ones need
> >to allow zero padding at the end to support tapes, but it would be
> >interesting to see if other junk can end up in padding sections without
> >the archiver noticing. If so, that would be a good thing to find a way
> >to detect.
>
> tar uses one (or two) blocks of NULs to mark logical EOF - anything
> beyond that is ignored. gzip ignores (but warns) about padding after
> its expected EOF. I'm not sure about bzip2. I suspect it would be
> possible to include arbitrary padding inside a ZIP file, though
> probably not at the end. This would make it relatively easy to pad a
> trojan'd file to any desired size.

Here is where the size thing comes in... if they have to add padding then it makes it harder (because of warnings, etc.)
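As an added example (my code, not from this thread or the ports tree), the two checks the thread discusses in Python: a distinfo-style record that pairs the archive size with several digests, and detectors for bytes that sit after gzip's and tar's logical EOF, which is where padding to a target size would have to go. The hash set (md5, sha1, sha256), the helper names and the in-memory sample tarball are my assumptions; rmd160 is left out because many hashlib builds do not provide it.

```python
import gzip
import hashlib
import io
import tarfile
import zlib

# Hash set assumed for this example (sha256 is my choice, not the ports tree's).
ALGOS = ("md5", "sha1", "sha256")


def distinfo_record(data: bytes) -> dict:
    """Build a distinfo-style record: one digest per algorithm plus the size."""
    rec = {algo: hashlib.new(algo, data).hexdigest() for algo in ALGOS}
    rec["size"] = len(data)
    return rec


def verify_distfile(data: bytes, rec: dict) -> list:
    """Return the list of mismatches (empty means the file is accepted).

    The size check is cheap and catches truncated downloads; every digest
    must match, so a forged file needs a simultaneous collision on all of them.
    """
    problems = []
    if len(data) != rec["size"]:
        problems.append("size: expected %d, got %d" % (rec["size"], len(data)))
    for algo in ALGOS:
        if hashlib.new(algo, data).hexdigest() != rec[algo]:
            problems.append("%s mismatch" % algo)
    return problems


def gzip_trailing_bytes(data: bytes) -> bytes:
    """Bytes after the last gzip member (gzip(1) ignores them, with a warning)."""
    rest = data
    while rest.startswith(b"\x1f\x8b"):
        d = zlib.decompressobj(wbits=31)  # 31 = expect a gzip header and trailer
        d.decompress(rest)
        if not d.eof:
            raise ValueError("truncated gzip member")
        rest = d.unused_data  # whatever followed the member's trailer
    return rest


def tar_trailing_bytes(data: bytes) -> bytes:
    """Non-zero bytes after tar's logical EOF (the first all-zero 512-byte block).

    Walks the headers, skipping each entry's data blocks, and stops where tar
    would stop; legitimate record padding after that point is zeros only.
    """
    off = 0
    while off + 512 <= len(data):
        block = data[off:off + 512]
        if block == b"\0" * 512:
            return data[off:].lstrip(b"\0")
        size = int(block[124:136].strip(b"\0 ") or b"0", 8)  # octal size field
        off += 512 + ((size + 511) // 512) * 512
    return b""


def make_sample_tar(junk: bytes = b"") -> bytes:
    """Constructed sample: a one-file tar built in memory, optionally with junk appended."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        payload = b"hello from a constructed sample file\n"
        info = tarfile.TarInfo("sample.txt")
        info.size = len(payload)
        tf.addfile(info, io.BytesIO(payload))
    return buf.getvalue() + junk


def make_sample_tgz(junk: bytes = b"") -> bytes:
    """Constructed sample: gzip the sample tar, then append junk after gzip's EOF."""
    buf = io.BytesIO()
    with gzip.GzipFile(fileobj=buf, mode="wb", mtime=0) as gz:
        gz.write(make_sample_tar())
    return buf.getvalue() + junk


if __name__ == "__main__":
    clean = make_sample_tgz()
    rec = distinfo_record(clean)
    print("clean tarball:", verify_distfile(clean, rec) or "OK")
    padded = make_sample_tgz(b"X" * 64)
    print("padded tarball:", verify_distfile(padded, rec))
    print("bytes after gzip EOF:", len(gzip_trailing_bytes(padded)))
    print("junk after tar EOF:", tar_trailing_bytes(make_sample_tar(b"JUNK")))
```

Padding the gzip stream changes the size and every digest at once, which is the point made above: the attacker cannot add bytes to reach a target size without that padding being visible either to the size check or to a trailing-bytes check like these.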