Time to replace MD5?

Re: Time to replace MD5?

Florian Weimer
* Steffen Schulz:

> If for whatever reason people get untrustworthy, it would be nice to
> know as soon as possible, no? Government, Money, ..

Well, in this case, you're barking up the wrong tree.  What you really
want is some kind of audit trail, which might increase confidence in
the integrity of the package creation process.  A chain of
cryptographic hashes which is put in place at the very end of that
process is *not* an audit trail.  It only secures distribution across
the mirror network, and MD5 is currently good enough for that.

Using SHA-384 for this purpose might even give a wrong sense of
security.

> And again, this is just one attack vector. To check the impact and
> list the mitigating factors sure is good for employment. Security
> design is something else.

Security design is mostly about risk analysis.  If you built security
in from the start, it's unlikely your system will ever make it to the
point where you see actual attacks (which means, in most systems:
fraud).


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]


Re: Time to replace MD5?

Bernd Eckenfels
In reply to this post by Goswin von Brederlow
In article <[hidden email]> you wrote:
> Then they can wget the Release.gpg file, Release file, Packages file
> and check each in turn. Their choice.

Which is much more complicated than checking a given fingerprint (which is
very usual for Advisories)

Regards
Bernd


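The chain of checks quoted in the post above (Release.gpg, then Release, then Packages, then the package itself), as an added example that is not part of the thread. It assumes the signature on Release has already been verified against Release.gpg (for instance with gpgv), uses the SHA256 fields rather than MD5, and runs on constructed sample data; the function names are hypothetical.

```python
import hashlib

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def release_entry(release: str, path: str):
    """Return (hash, size) listed for `path` in the Release file's SHA256 section."""
    in_section = False
    for line in release.splitlines():
        if not line.startswith(" "):          # a new field header starts or ends the section
            in_section = line.strip() == "SHA256:"
        elif in_section:
            h, size, name = line.split()
            if name == path:
                return h, int(size)
    return None

def package_entry(packages: str, filename: str):
    """Return (hash, size) from the Packages stanza whose Filename matches."""
    for stanza in packages.split("\n\n"):
        fields = dict(l.split(": ", 1) for l in stanza.splitlines() if ": " in l)
        if fields.get("Filename") == filename:
            return fields["SHA256"], int(fields["Size"])
    return None

def verify_chain(release, packages_path, packages, deb_path, deb):
    """Walk Release -> Packages -> package; return the first broken link or 'ok'.
    Assumption: `release` was already signature-checked against Release.gpg."""
    want = release_entry(release, packages_path)
    if want is None or want != (digest(packages), len(packages)):
        return "Packages does not match Release"
    want = package_entry(packages.decode(), deb_path)
    if want is None or want != (digest(deb), len(deb)):
        return "package does not match Packages"
    return "ok"

# Constructed sample data, not taken from any real archive.
DEB = b"constructed package payload\n"
DEB_PATH = "pool/main/h/hello/hello_1.0_all.deb"
PACKAGES = (f"Package: hello\nVersion: 1.0\nFilename: {DEB_PATH}\n"
            f"Size: {len(DEB)}\nSHA256: {digest(DEB)}\n").encode()
PKG_PATH = "main/binary-all/Packages"
RELEASE = (f"Suite: constructed\nSHA256:\n"
           f" {digest(PACKAGES)} {len(PACKAGES)} {PKG_PATH}\n")
```

Each link only vouches for the bytes of the next file, which is why the chain covers distribution through mirrors and nothing about how the package was built.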
