On Wed, 11 Jul 2012, Sašo Kiselkov wrote:

For example, the well-known block might be part of a Windows anti-virus
package, or a Windows firewall configuration, and corrupting it might
leave a Windows VM open to malware attack.

True, but that may not be enough to produce a practical collision for
the reason that while you know which bytes you want to attack, these
might not line up with ZFS disk blocks (especially the case with Windows
VMs which are store in large opaque zvols) - such an attack would
require physical access to the machine (at which point you can simply
manipulate the blocks directly).

I think that well-known blocks are much easier to predict than you say because operating systems, VMs, and application software behave in predictable patterns. However, deriving another useful block which hashes the same should be extremely difficult and any block hashing algorithm needs to assure that. Having an excellent random distribution property is not sufficient if it is relatively easy to compute some other block producing the same hash. It may be useful to compromise a known block even if the compromized result is complete garbage.

Bob Friesenhahn
bfrie...@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer,    http://www.GraphicsMagick.org/
zfs-discuss mailing list

Reply via email to