Poul-Henning Kamp wrote:
In message <[EMAIL PROTECTED]>, Chuck Swiger writes:
Checksumming the device image is a fine way of checking the integrity of it,
assuming it is read-only. The only thing you might want to do is use two or
three checksum algorithms (ie, use sha256 and md5 and something else), so that
someone can't create a new image which matches the sha256 checksum of the
original.
A much better idea is to send a random "salt" to be prepended to
the disk image before it is run through sha256, that would prevent
the attacker from running sha256 and any other algorithm you
could care for on the image, store the results and return them
with trojans.
That suggestion is a very good point, although trying to find a single
trojaned image which matches several checksum methods is supposed to be a
highly difficult task.
--
-Chuck
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
