On Tue, 10 Feb 2004 09:09:01 +0000
James Harlow <james@××××××××××××××.nu> wrote:

> On Tue, Feb 10, 2004 at 09:00:03AM +0100, shoehn@××××××××××××××××××××.info wrote:
> > I don't consider all these checks very useful. How can I be sure the
> > files emerge downloaded are really the correct ones? I guess if
> > someone would try to fool me with the help of the portage system he
> > would change the version of portage with a "bad" one, that would
> > obtain the "bad" files from an evil server, but with correct
> > MD5 sums. So no one would realize that unless the tampered copy of
> > portage is detected.
>
> This is computationally infeasible - even the worst break on the MD5
> algorithm only brings it down to an effective complexity of 2^80 or so.
> That means an average of 2^40 files must be created and hashed before
> a correctly-hashing file is made - that's about 10^12 files. Even if
> someone can hash 100 files a second, that's around a year.

That's not what I meant. If portage uses an evil server, both the files and the MD5 values are tampered with; the
problem is that the user considers the wrong MD5 value as correct. I do not generate a file that has the
"official" MD5 value, I give the user a wrong MD5 value, by establishing a bad mirror.

-
Sebastian

--
gentoo-security@g.o mailing list
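
Added example, not part of the original thread and not Portage's code: it shows the bad-mirror case described in the reply above, where a digest served by the same server as the file always matches, and a check that also authenticates the digest line. The file name, keys and payloads are constructed, and HMAC-SHA256 stands in for a real public-key signature (assumption).

```python
import hashlib
import hmac

NAME = "foo-1.0.tar.gz"                 # hypothetical distfile name
SIGNING_KEY = b"constructed-demo-key"   # assumption: held by the distribution, never by mirrors


def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


def sign(manifest: str, key: bytes) -> str:
    # HMAC-SHA256 is a stand-in for a public-key signature; with a real
    # signature the user would hold only the public half.
    return hmac.new(key, manifest.encode(), hashlib.sha256).hexdigest()


def build_mirror(payload: bytes, key: bytes) -> dict:
    """What a mirror serves: the file, a digest line, and a tag over that line."""
    manifest = f"MD5 {md5_hex(payload)} {NAME}"
    return {"file": payload, "manifest": manifest, "tag": sign(manifest, key)}


def digest_matches(mirror: dict) -> bool:
    """File compared with the digest that came from the same server."""
    expected = mirror["manifest"].split()[1]
    return hmac.compare_digest(md5_hex(mirror["file"]), expected)


def manifest_authentic(mirror: dict, key: bytes) -> bool:
    """Is the digest line vouched for by a key the mirror does not hold?"""
    return hmac.compare_digest(sign(mirror["manifest"], key), mirror["tag"])


def accept(mirror: dict, key: bytes) -> bool:
    # Authenticate the digest line first, then compare the file against it.
    return manifest_authentic(mirror, key) and digest_matches(mirror)


# Constructed sample data: the bad mirror computes its own digest and its own tag.
official = build_mirror(b"original tarball (constructed)", SIGNING_KEY)
bad = build_mirror(b"tampered tarball (constructed)", b"key-the-mirror-made-up")

if __name__ == "__main__":
    for label, m in (("official", official), ("bad mirror", bad)):
        print(label, "| digest ok:", digest_matches(m), "| accepted:", accept(m, SIGNING_KEY))
```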