A well-designed stealth rootkit would be certain to interfere with hash verification -- returning the expected hashes of compromised files so as to further reduce the chance of detection. The fact that the attacker/rootkit author can easily determine in advance what my authentic hashes are supposed to be is a legitimate risk in spite of the proven cryptographic safety of SHA-1, etc. This isn't paranoid, it's simply being aware of threats that exist in spite of the perfect cryptography we're all no-doubt using. Jason Coombs jasoncat_private -----Original Message----- From: Kurt Seifried [mailto:btat_private] Sent: Thursday, January 23, 2003 2:35 AM To: jasoncat_private; adminat_private; forensicsat_private Subject: Re: CRC32 vd MD5 > One more thing -- with respect to forensic analysis conducted in the context > of information security rather than legal forensics, I care more about > unpredictability of the algorithm that I'm going to use to analyze bits than > about anything else. An attacker who knows what my analysis tool looks like > with certainty can find a way around it -- an attacker who knows that I use > one of six different tools at any one time and rotate through them randomly > has only a one in six chance of guessing right and they have zero chance of > preventing me from using two different tools to analyze the same bits. Also, > I gain some security through obscurity if I supplement standard hash > algorithms with algorithms of my own design -- and not because my own > algorithms are going to be as provably secure/free of collisions, but > because it is impossible for an attacker to know ahead of time what their > bits are going to look like when processed by my code unless they first > obtain a copy of my code. Wouldn't it be simpler to just use proven algorithms such as MD5/SHA1 and if you want to be very paranoid take sums of random sized/placed blocks of data on the disk? It seems rather futile to create your own methods, as the attacker would only be caught by them if they somehow manage to fool MD5/SHA1, which I think is unlikely. Wouldn't your efforts be better spent on improving the collection/analysis of data and ensuring that the tools (not the algorithms) are "faked" out (to use a poor phrase). > This is an appropriate role for security through obscurity; often times > people think they're getting security through obscurity when in fact they've > just created one more secret that has to be kept that is relatively easy to > discover. > > Jason Coombs > jasoncat_private Kurt Seifried, kurtat_private A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://seifried.org/security/ ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Jan 23 2003 - 18:05:13 PST