>>>>> "jm" == admin <adminat_private> writes:

    jm> Furthermore, would it be realistically possible to change data
    jm> in an image whose authenticity is based solely on CRC32
    jm> value(s) without changing the values in question, and thereby
    jm> arousing suspicion?

CRC32 is not a cryptographic hash, and its immunity to tampering and forging is quite weak. I'm not a cryptographic expert, so I can't expose the whys and hows of the tampering process, but a quick search on Google revealed this:

- http://perlmonks.thepen.com/112024.html

  "The code below takes an arbitrary string, and adds some junk on the end of it to make the CRC come out to any arbitrary value."

So it doesn't seem so hard to tamper with the file content and still have a "valid" crc32 checksum. I personally wouldn't use crc32-only based FIDS.

Best regards,

-- 
Andrea Glorioso          andrea.glorioso@binary-only.com
Binary Only              http://www.binary-only.com/
Via A. Zanolini, 7/b     Tel: +39-348.921.43.79
40126 Bologna            Fax: +39-051-930.31.133
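Why a CRC32-only integrity check cannot be trusted, as an added Python example that is not part of the original message or of the linked PerlMonks code: CRC32 is affine over GF(2), so the four trailing bytes that restore any recorded checksum follow from solving a 32x32 linear system, while a SHA-256 digest of the same data still changes. The function names and the sample byte strings are constructed for this illustration.

```python
import hashlib
import zlib


def forge_suffix(data: bytes, target_crc: int) -> bytes:
    """Return 4 bytes s such that zlib.crc32(data + s) == target_crc."""
    base = zlib.crc32(data + b"\x00" * 4)
    # Effect on the CRC of flipping each single bit of the 4-byte suffix.
    # Because CRC32 is affine, these 32 effects combine by plain XOR.
    rows = []
    for bit in range(32):
        suffix = (1 << bit).to_bytes(4, "little")
        rows.append((zlib.crc32(data + suffix) ^ base, 1 << bit))
    # Gaussian elimination over GF(2): pick the suffix bits whose combined
    # effect equals the difference between the wanted CRC and the base CRC.
    need = target_crc ^ base
    chosen = 0
    for col in range(32):
        mask = 1 << col
        pivot = next(i for i, (effect, _) in enumerate(rows) if effect & mask)
        p_effect, p_bits = rows.pop(pivot)
        rows = [(e ^ p_effect, b ^ p_bits) if e & mask else (e, b)
                for e, b in rows]
        if need & mask:
            need ^= p_effect
            chosen ^= p_bits
    return chosen.to_bytes(4, "little")


def demo():
    """Compare CRC32 and SHA-256 on constructed 'original' and altered data."""
    original = b"constructed sample: contents of a monitored file\n"
    altered = b"constructed sample: contents were changed here\n"
    forged = altered + forge_suffix(altered, zlib.crc32(original))
    crc_matches = zlib.crc32(forged) == zlib.crc32(original)
    sha_matches = (hashlib.sha256(forged).digest()
                   == hashlib.sha256(original).digest())
    return crc_matches, sha_matches


if __name__ == "__main__":
    crc_matches, sha_matches = demo()
    print("CRC32 unchanged after modification:", crc_matches)
    print("SHA-256 unchanged after modification:", sha_matches)
```

A file integrity checker that records a cryptographic digest such as SHA-256 instead of, or alongside, CRC32 flags the altered data that the CRC32 comparison accepts.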
This archive was generated by hypermail 2b30 : Sun Jan 05 2003 - 15:43:36 PST