* Philipp Kern <[email protected]>, 2015-08-06, 21:31:
> The purpose of adding garbage could be to make a modified tarball
> match the signature.
> Which is why we also supply the length.
I thought the idea was to create a smaller malicious tarball, then
append "garbage" until the size and the hash match.
But let's go back to reality:
If the decompressor ignores trailing garbage, then it's slightly easier
to perform a chosen-prefix collision attack for tarballs[0]. You don't
have to worry about the compressor's CRCs or where to hide collision blocks
from the sight of an attentive code reviewer.
[0] https://lists.debian.org/[email protected]
--
Jakub Wilk
Archive: https://lists.debian.org/[email protected]
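The mitigation implied by the exchange above is a decompressor that refuses bytes after the end-of-stream marker, combined with checking the published length and hash. The following is an added example written for this page, not code from the thread, from Debian, or from any compressor project. It uses Python's `zlib` and `gzip` modules; the sample payload and the appended trailing bytes are constructed inline, and the function names (`decompress_gzip_lenient`, `decompress_gzip_strict`, `verify_download`) are this example's own.

```python
import gzip
import hashlib
import hmac
import zlib

GZIP_MAGIC = b"\x1f\x8b"
GZIP_WBITS = 16 + zlib.MAX_WBITS  # 16+ tells zlib to expect gzip framing


def decompress_gzip_lenient(data: bytes) -> bytes:
    """Decompress the first gzip member and silently drop whatever follows.

    This is the behaviour the thread is concerned about: anything after the
    member's CRC32/ISIZE trailer is never checked, so it is a place where
    data can be parked without disturbing the CRC.
    """
    d = zlib.decompressobj(wbits=GZIP_WBITS)
    return d.decompress(data)  # d.unused_data holds the ignored tail


def decompress_gzip_strict(data: bytes) -> bytes:
    """Decompress a gzip stream, rejecting any byte that is not part of a
    complete gzip member.  Multi-member streams (as produced by
    `cat a.gz b.gz`) are still accepted, since they are valid gzip."""
    out = bytearray()
    pos = 0
    while pos < len(data):
        if not data.startswith(GZIP_MAGIC, pos):
            raise ValueError(f"trailing garbage after gzip stream at offset {pos}")
        d = zlib.decompressobj(wbits=GZIP_WBITS)
        try:
            out += d.decompress(data[pos:])  # zlib verifies CRC32 and ISIZE here
        except zlib.error as exc:
            raise ValueError(f"corrupt gzip member at offset {pos}: {exc}") from None
        if not d.eof:
            raise ValueError(f"truncated gzip member starting at offset {pos}")
        pos = len(data) - len(d.unused_data)  # advance to the next member or EOF
    return bytes(out)


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def verify_download(data: bytes, expected_size: int, expected_sha256: str) -> bool:
    """Check the length *and* the hash published next to the tarball.

    The length rules out the "append bytes until the hash matches" idea
    (a longer file can never pass).  It does nothing against a collision
    between two files of equal length, which is why the decompressor above
    must refuse trailing data as well.
    """
    if len(data) != expected_size:
        return False
    return hmac.compare_digest(sha256_hex(data), expected_sha256)


# Constructed sample data (not a real tarball): a compressed payload, and the
# same stream with bytes appended after the end-of-stream marker.
SAMPLE_PAYLOAD = b"constructed tar payload\n" * 64
SAMPLE_GOOD = gzip.compress(SAMPLE_PAYLOAD, mtime=0)
SAMPLE_TAMPERED = SAMPLE_GOOD + b"\x00" * 32 + b"constructed trailing bytes"


if __name__ == "__main__":
    # The lenient reader cannot tell the two files apart ...
    print("lenient, tampered ok:",
          decompress_gzip_lenient(SAMPLE_TAMPERED) == SAMPLE_PAYLOAD)
    # ... the strict one rejects the appended bytes.
    try:
        decompress_gzip_strict(SAMPLE_TAMPERED)
    except ValueError as err:
        print("strict:", err)
    # Published size + hash of the genuine file catch the tampered one too.
    size, digest = len(SAMPLE_GOOD), sha256_hex(SAMPLE_GOOD)
    print("verify good:", verify_download(SAMPLE_GOOD, size, digest))
    print("verify tampered:", verify_download(SAMPLE_TAMPERED, size, digest))
```

`decompress_gzip_strict` relies on zlib's own CRC32/ISIZE check for each member and only adds the rule that the stream must end exactly where the last member ends; a trailing run of NUL bytes is rejected like any other garbage, which is stricter than some tools that tolerate block padding.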