Hi,

On 2004/04/05 07:21, Donovan Baarda wrote:
[snip]
> there are four ways crafted blocks can be used;
> 
> 1) two crafted blocks in the "original" file
> 
> 2) two crafted blocks in the "target" file
> 
> 3) a crafted pair of "target" and "original" files with matching
> block(s)
> 
> 4) a block in the "target" crafted to match a block in the "original"
[snip]
> Summary;
> 
> case 2) has no impact
> 
> case 4) is of minimal impact in rsync, and sufficiently hard in
> librsync.
> 
> librsync needs a whole file checksum. Without it, it silently fails for
> case 1), 3), and 4).
> 
> librsync could benefit from a random checksum_seed. It would need to be
> included in the signature. Without it librsync is vulnerable to cases 1)
> and 3).
[snip]
> rsync shouldn't need a fixed seed for batch modes... just store the seed
> in the signature. using a fixed seed makes it vulnerable to 1) and 3).

I fully agree with your analysis.
I'll just note that in many situations, case 2 can be elevated to case 3
simply by transferring the file twice.

  Eran
-- 
To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
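
Added example, not part of the original message and not rsync or librsync code: a toy block-matching transfer showing the two mitigations named in the quoted summary, in the spirit of case 1) (two colliding blocks in the "original" file). Assumptions: all function names are hypothetical, the block checksum is SHA-256 truncated to 3 bytes so a colliding pair is cheap to construct, blocks are matched only at aligned offsets (no rolling checksum), and the first block with a given checksum wins.

```python
import hashlib
from itertools import count

BLOCK = 8  # toy block size (assumption)

def block_sum(block, seed=b""):
    # Stand-in for the per-block strong checksum, cut to 3 bytes so a
    # colliding pair is cheap to find; seed plays the role of checksum_seed.
    return hashlib.sha256(seed + block).digest()[:3]

def find_colliding_blocks(seed=b""):
    # Birthday search: two distinct blocks with equal block_sum under `seed`.
    seen = {}
    for i in count():
        blk = i.to_bytes(BLOCK, "big")
        s = block_sum(blk, seed)
        if s in seen:
            return seen[s], blk
        seen[s] = blk

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def signature(original, seed):
    # Receiver: checksum -> index of the first block carrying it.
    sig = {}
    for idx, blk in enumerate(blocks(original)):
        sig.setdefault(block_sum(blk, seed), idx)
    return sig

def delta(target, sig, seed):
    # Sender: reference a block of the original on a match, else send literal.
    ops = []
    for blk in blocks(target):
        s = block_sum(blk, seed)
        ops.append(("copy", sig[s]) if s in sig else ("lit", blk))
    return ops

def transfer(original, target, seed=b""):
    # Returns (rebuilt file, result of the whole-file checksum comparison).
    old = blocks(original)
    ops = delta(target, signature(original, seed), seed)
    rebuilt = b"".join(old[v] if op == "copy" else v for op, v in ops)
    return rebuilt, hashlib.sha256(rebuilt).digest() == hashlib.sha256(target).digest()

if __name__ == "__main__":
    a, b = find_colliding_blocks()  # constructed pair, colliding under the fixed (empty) seed
    original, target = a + b, a + b + b"appended"
    print(transfer(original, target))                       # wrong block copied, whole-file check fails
    print(transfer(original, target, b"constructed-seed"))  # seed not known when the pair was made
```

With the fixed seed the second block is rebuilt as a copy of the first, and only the whole-file comparison notices. With a seed chosen after the blocks were constructed, the pair no longer collides and the file is rebuilt correctly.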
