Integrity checking NANOBSD images
Chuck Swiger
cswiger at mac.com
Tue Jul 11 20:24:20 UTC 2006
Poul-Henning Kamp wrote:
> In message <44B4010E.7010809 at mac.com>, Chuck Swiger writes:
>> Checksumming the device image is a fine way of checking the integrity of it,
>> assuming it is read-only. The only thing you might want to do is use two or
>> three checksum algorithms (ie, use sha256 and md5 and something else), so that
>> someone can't create a new image which matches the sha256 checksum of the
>> original.
>
> A much better idea is to send a random "salt" to be prepended to
> the disk image before it is run through sha256, that would prevent
> the attacker from running sha256 and any other algorithm you
> could care for on the image, store the results and return them
> with trojans.
That suggestion is a very good point, although trying to find a single
trojaned image which matches several checksum methods is supposed to be a
highly difficult task.
--
-Chuck
More information about the freebsd-security
mailing list