Re: Release DigSig 0.1: LSM module checking digital signatures before loading the binaries

From: Leendert van Doorn (leendertat_private)
Date: Wed Sep 17 2003 - 23:15:14 PDT

    # > Release of digsig.0.1
    #
    # > We implemented a kernel module using LSM hooks for 2.5.66
    # > which checks signatures before running a binary. The main goal is to 
    # > insert digital signatures inside the ELF binary
    # > and verify this signature before loading the binary. 
    # 
    # This sounds *very* similar to CryptoMark 1, which we released in 2001 
    
    It also sounds very similar to a system my intern Gerco Ballintijn did in 2000 which was published as:
    
    Van Doorn, L., Ballintijn, G., Arbaugh, W.A., Signed Executables for Linux, UMD CS-TR-4259, June 2001
    (available from my CMU home page http://www.ece.cmu.edu/~leendert/publications/SignedExec.pdf).
    
    Here we actually cached the signature verification results and found that the overhead becomes
    insignificant because the working set of programs is very small. Of course, signature caching
    only works for local file systems; remote file systems are not cached.  Full comparison for a
    kernel with and without signature checking is in the paper.
    
    Just as in Crispin's case we couldn't release the source code. We used rsaref for the asymmetric
    crypto, whose license is incompatible with GPL.
    
    	Leendert
    


