On Mon, 2002-10-14 at 15:59, Dan Kaminsky wrote:
> Dave Aitel wrote:
>
> >On Mon, 2002-10-14 at 14:40, Dan Kaminsky wrote:
> >
> >
> >
> >>>
> >>>
> >>>
> >>>
> >>For remotely computed data / hashes, you can't -- thus the folly of
> >>trusting MD5 hashes on critical files downloaded off of untrusted
> >>servers. If somebody can modify the tarball, they can probably modify
> >>the hash too.
> >>
> >>
> >
> >Well, not always, if there is a semi-trusted third party or two - see
> >http://www.immunitysec.com/hashdb.html for one implementation of this
> >sort of thing.
> >
> >
> >
> Cool stuff there! Maybe host the DB over DNS or something trivial.
> hash.filename.immunitysec.com :-)
>
> Incidentally, Bitzi was/is trying to do something like your stuff for
> arbitrary data -- they didn't care what(P2P), they just hosted the
> translation between hash to content. Genuinely cool crypto, using
> Merkle's old Hash Tree concept.
>
> The great thing about hash trees is that you don't need the entire file
> to find out you're being fed bad data.
>
> I believe Bitzi opened their code, too: www.bitzi.com.
>
> --Dan
>
Cool. I'd go look at that, but 10000 people are currently grabbing SPIKE
Proxy or SPIKE looking for that IIS DoS, which means my network
connection is swamped. I squeeze my e-mail through, though. :>
Any solution to this problem would be good - be it mine, or something
else. I'm really tired of hearing about opensource.tar.gz getting
trojaned. If Ximian, Freshmeat.net, Akamai or something would host a
HashDB server, we could be done with that stuff once and for all. As it
is, you're only protected for files that I have bothered to go out and
grab, or validated off of announcements.
--
Dave Aitel <dave_at_immunitysec.com>
Immunity, Inc
Received on Oct 14 2002
Intro
