> That's really a nice idea by uid0, to have something like
> www.md5signatures.com/sigs.php?soft=fragroute
> or something like that, Like a large database of valid MD5 signatures
> for those opensource authors who want to take part in it. They can
> just add a link instead of the whole md5sum, which (can be modified by
> the intruder) , If md5signatures gets compromised, it's not necessary
> that the actual file location is compromised too. That sounds like a
> new Thread for discussion.

This central repository would have the problem of validating the
person uploading the md5 signature. For example, the 'fragroute'
author may not choose to participate. Who is going to prevent
some random person from adding a 'fragroute' md5 sum for a very different
(malware) version?

This basically comes down to trusting the central repository, similar to
trusting a central key authority, e.g. Verisign and the certificates it
hands out for code signing. And Verisign has at least once handed out a
'Microsoft' certificate to an unauthorized person.

I agree that storing md5 sigs on the same server as the executable
doesn't make too much sense. PGP signatures are a better way to go.

There are a number of advantages of PGP signatures:
- The key does not have to be stored with the signature. If I am able to
replace a file, I am very likely able to replace the key if it is stored
in the same location with the same permissions. With PGP, the key does
not need to be stored anywhere near the signature or the product for the
signature. An intruder may be able to replace the files (product and
signature), but the signature, while it may be valid, will not match the
key used by the developer. Also, PGP keys are usually protected by a
pass phrase.
- key signing. If I download a tool from developer A, and I never used
one of her tools before, but the key of developer A is signed by
developer B which I know and trust.
- same key for different products. I downloaded version A of a program
and now version B came out. I still have the public key that was used
for version A so I can use it to verify that version B is ok (given that
the developer keeps using the same key)
- key servers. There are a number of well established key servers that
would work similar to the 'md5signature' server proposed above. Of
course, it has the same vulnerabilities. None of the key servers I know
makes an effort to validate the authenticity of the signature. However,
as mentioned above, since the same signature can be used to sign
different products/versions, it is likely that over time I will be able
to collect a good number of trusted signatures.

While it is usually considered best to trust only signatures that one
received in person (key signing party) or that are signed by trusted
entities, I found it sufficient to establish trust in signatures over
time by using them. If I am exchanging PGP keys with someone, it is best
to use the keys in daily regular business, so by the time you need the
key "for real" you not only know how to use it, but you also know that you
can trust a particular key. It is not likely that a 'man in the middle'
attack will go on over months at a time without either side realizing that
something is broken.

--
---------------------------------------------------------------
[EMAIL PROTECTED] Collaborative Intrusion Detection
join http://www.dshield.org
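
Added example, not part of the original message: a Python sketch of the two checks discussed above, an md5 sum fetched from the same server as the file versus a local record of which key signed a developer's earlier releases. The names md5_matches and KeyHistory, the developer label and the fingerprints are hypothetical; the fingerprint is assumed to be what your PGP tool reports after a valid signature check, and no PGP verification is performed here.

```python
import hashlib

def md5_matches(download: bytes, published_md5: str) -> bool:
    """The criticised check: digest fetched from the same server as the file."""
    return hashlib.md5(download).hexdigest() == published_md5

class KeyHistory:
    """Local record of which key fingerprint signed each developer's releases."""

    def __init__(self):
        self.pins = {}  # developer -> [fingerprint, times_seen]

    def check(self, developer: str, fingerprint: str) -> str:
        # Assumption: `fingerprint` is the signer fingerprint reported by a PGP
        # tool after a *valid* signature check; this class only compares it.
        fp = fingerprint.replace(" ", "").upper()
        pin = self.pins.get(developer)
        if pin is None:
            self.pins[developer] = [fp, 1]
            return "first-use"        # nothing to compare against yet
        if pin[0] != fp:
            return "key-changed"      # valid signature, unknown key: keep old pin
        pin[1] += 1
        return "seen-%d-times" % pin[1]

def demo():
    # Constructed sample data: release contents and fingerprints are made up.
    dev_fp = "AAAA 1111 BBBB 2222 CCCC 3333 DDDD 4444 EEEE 5555"
    intruder_fp = "FFFF 9999 0000 8888 7777 6666 5555 4444 3333 2222"
    history = KeyHistory()
    results = [history.check("developer-a", dev_fp),   # version A
               history.check("developer-a", dev_fp)]   # version B, same key
    # The intruder replaces the file, its md5 sum and its signature on the server.
    tampered = b"tampered release"
    replaced_md5 = hashlib.md5(tampered).hexdigest()
    results.append(md5_matches(tampered, replaced_md5))        # check still passes
    results.append(history.check("developer-a", intruder_fp))  # mismatch is flagged
    return results

if __name__ == "__main__":
    print(demo())
```

The pin is never overwritten on a mismatch, so a replaced key keeps being reported until someone confirms the change through another channel.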
