From owner-freebsd-security@FreeBSD.ORG Tue Jul 11 20:52:50 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2A35516A505 for ; Tue, 11 Jul 2006 20:52:50 +0000 (UTC) (envelope-from arne_woerner@yahoo.com) Received: from web30313.mail.mud.yahoo.com (web30313.mail.mud.yahoo.com [68.142.201.231]) by mx1.FreeBSD.org (Postfix) with SMTP id 5F58143D69 for ; Tue, 11 Jul 2006 20:52:14 +0000 (GMT) (envelope-from arne_woerner@yahoo.com) Received: (qmail 16996 invoked by uid 60001); 11 Jul 2006 20:52:13 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=Rm6OLpfRinnzSIHrhnA1Xv2bFnWZg9f7Uofy5PuAdamb20DfTxw01m32xpi5Ff1pRsJYYnEnkuaeRTBYaQCWh/1aGULIxafG4kdSqGbWNt4PPiWozx9YKKcpsV/uCIpOUFW/gMEQ0M/oqZ33BIM1N2lOCteyQyXXmqigguVDtg0= ; Message-ID: <20060711205213.16994.qmail@web30313.mail.mud.yahoo.com> Received: from [213.54.82.225] by web30313.mail.mud.yahoo.com via HTTP; Tue, 11 Jul 2006 13:52:13 PDT Date: Tue, 11 Jul 2006 13:52:13 -0700 (PDT) From: "R. B. Riddick" To: Chuck Swiger , Poul-Henning Kamp In-Reply-To: <44B408E7.8070000@mac.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Cc: freebsd-security@freebsd.org Subject: Re: Integrity checking NANOBSD images X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Jul 2006 20:52:50 -0000 --- Chuck Swiger wrote: > That suggestion is a very good point, although trying to find a single > trojaned image which matches several checksum methods is supposed to be a > highly difficult task. > If the hash function is cryptographically secure, even a single such hash function/method should be enough... Although there is this birthday paradoxon (or what it is called in english): IIRC it is about 23 people in a room and astonishingly the probability that 2 of them have the same birthday is more or equal to 0.5 under certain simplifying assumptions (e. g. that there are so many people from which the sample can be taken (I mean: A world with only 23 people, which have pairwise different birthdays would be unsuitable for that probabilistic experiment))... But your multi-hash-method idea has still the problem, that the trojan could just send the expected hash values after some delay... -Arne __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com