Integrity checking NANOBSD images

Mike Tancsa mike at sentex.net
Tue Jul 11 20:18:05 UTC 2006


At 04:05 PM 11/07/2006, Poul-Henning Kamp wrote:
>In message <44B4010E.7010809 at mac.com>, Chuck Swiger writes:
>
> >Checksumming the device image is a fine way of checking the
> >integrity of it, assuming it is read-only.  The only thing you might
> >want to do is use two or three checksum algorithms (ie, use sha256 and
> >md5 and something else), so that someone can't create a new image which
> >matches the sha256 checksum of the original.
>
>A much better idea is to send a random "salt" to be prepended to
>the disk image before it is run through sha256, that would prevent
>the attacker from running sha256 and any other algorithm you
>could care for on the image, store the results and return them
>with trojans.
>
>Copying the sha256 binary over is no guarantee against a kernel
>embedded trojan.
>
>But then again, how paranoid one has to be is a matter of preference.


Hi,
         Thanks for the responses.  I know there are no perfect ways. 
I guess I want to understand the risk as much as possible and 
mitigate against tampering as much as possible without designing the 
requirement for some guy to sit in front of the box with a gun :)

With respect to prepending a random salt to the image, can you expand
on what you mean?

         ---Mike


>--
>Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
>phk at FreeBSD.ORG         | TCP/IP since RFC 956
>FreeBSD committer       | BSD since 4.3-tahoe
>Never attribute to malice what can adequately be explained by incompetence.
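As an added illustration (not part of the thread), here is the salted challenge-response check Poul-Henning describes next to the naive "ask the box for its digest" check it replaces; the image bytes, class and function names are constructed for the example. It models the precomputation attack he mentions: a tampered box that stored the original image's digests before replacing it.

```python
import hashlib
import os

# Constructed stand-ins for a NanoBSD slice image and a tampered copy of it.
ORIGINAL_IMAGE = b"nanobsd-image-v1:" + bytes(range(256)) * 4
TROJANED_IMAGE = ORIGINAL_IMAGE.replace(b"v1", b"v1-with-trojan")

def salted_digest(salt: bytes, image: bytes) -> str:
    """sha256(salt || image): what both the verifier and the box compute."""
    h = hashlib.sha256()
    h.update(salt)
    h.update(image)
    return h.hexdigest()

class HonestDevice:
    """A box whose image is intact; it hashes whatever it is asked to."""
    def __init__(self, image: bytes):
        self.image = image

    def report_digest(self) -> str:
        return hashlib.sha256(self.image).hexdigest()

    def respond(self, salt: bytes) -> str:
        return salted_digest(salt, self.image)

class PrecomputingTrojan(HonestDevice):
    """Tampered box that stored the original's unsalted digest before
    replacing the image (the 'store the results and return them' attack)."""
    def __init__(self, trojaned_image: bytes, original_image: bytes):
        super().__init__(trojaned_image)
        self.stored_sha256 = hashlib.sha256(original_image).hexdigest()

    def report_digest(self) -> str:
        return self.stored_sha256  # replays the precomputed answer

    # respond() is inherited: without a copy of the original image the
    # trojan can only hash the image it actually has against the fresh salt.

def unsalted_check(device: HonestDevice, known_good: bytes) -> bool:
    """Naive check: ask the box for its digest and compare. Replayable."""
    return device.report_digest() == hashlib.sha256(known_good).hexdigest()

def verify(device: HonestDevice, known_good: bytes, salt=None) -> bool:
    """Challenge-response: a fresh, unpredictable salt per run means no
    precomputed digest can answer it. A trojan that keeps the whole original
    image (feasible for a kernel-level one) can still pass, as PHK notes."""
    salt = os.urandom(32) if salt is None else salt
    return device.respond(salt) == salted_digest(salt, known_good)
```

The salt must be generated by the verifier for each run and never reused, otherwise the response itself becomes something the box can store and replay.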
