
Re: Upgrade the embedded checksum from MD5 to SHA256?



Hey Roland!

On Sun, Dec 15, 2024 at 11:46:15AM +0100, Roland Clobus wrote:
>
>In the Debian-installer main menu the entry 'Check the integrity of
>installation media' verifies whether the currently booted image is untampered
>(package=cdrom-checker).
>
>It reads the file 'md5sum.txt' and verifies all files listed there [1].
>In live-build we provide sha256sum.txt since 2020-03-18, since MD5 checksums
>are known to be insecure.
>
>There are good instructions on the download pages [2] that help with
>verification of the downloaded ISO file using sha256 and sha512, but the
>verification on a booted medium uses only md5.

That's fine IMHO: at this point, the checksum is for verifying media
corruption rather than tampering. md5 is fine for that. We tell people
how to verify an image download using a stronger checksum, as that's the
place that's likely to be attacked.

>Could/Should the checksum file be upgraded to use sha256 instead of md5? I
>could provide a MR if desired.
>
>The cost: 32 additional bytes per file. (With currently about 1200 files that
>would be 38KiB)

I don't think this matters, tbh. Any other opinions?

-- 
Steve McIntyre, Cambridge, UK.                                steve@einval.com
Who needs computer imagery when you've got Brian Blessed?
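
The on-medium check discussed in this thread, as an added example that is not part of the original message and is not cdrom-checker's code: it verifies every file listed in a checksum file and goes slightly beyond the thread by inferring the algorithm from the digest length, so the same loop handles md5sum.txt and sha256sum.txt. The "<hex digest>  <path>" line format and the names verify_manifest and demo are assumptions; the sample medium is constructed.

```python
import hashlib
import os
import re
import tempfile

# Hex digest length -> hashlib algorithm (assumed md5sum/sha256sum text format).
ALGO_BY_HEXLEN = {32: "md5", 64: "sha256", 128: "sha512"}
LINE_RE = re.compile(r"^([0-9a-fA-F]+) [ *](.+)$")


def file_digest(path, algo):
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        while chunk := f.read(1 << 20):
            h.update(chunk)
    return h.hexdigest()


def verify_manifest(root, manifest):
    """Check every file listed in root/manifest; return paths by outcome."""
    result = {"ok": [], "mismatch": [], "missing": []}
    root = os.path.realpath(root)
    with open(os.path.join(root, manifest), encoding="utf-8") as f:
        for line in f:
            m = LINE_RE.match(line.rstrip("\n"))
            if not m or len(m.group(1)) not in ALGO_BY_HEXLEN:
                continue  # skip blank or unrecognised lines
            expected, rel = m.group(1).lower(), m.group(2)
            path = os.path.realpath(os.path.join(root, rel))
            # Entries that are absent or resolve outside the medium count as missing.
            if os.path.commonpath([root, path]) != root or not os.path.isfile(path):
                result["missing"].append(rel)
                continue
            same = file_digest(path, ALGO_BY_HEXLEN[len(expected)]) == expected
            result["ok" if same else "mismatch"].append(rel)
    return result


def demo(algo="sha256"):
    """Constructed sample medium: one intact file, one corrupted, one absent."""
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, algo + "sum.txt"), "w") as man:
            for name in ("a.bin", "b.bin", "c.bin"):
                with open(os.path.join(root, name), "wb") as f:
                    f.write(name.encode())
                man.write(f"{hashlib.new(algo, name.encode()).hexdigest()}  ./{name}\n")
        with open(os.path.join(root, "b.bin"), "ab") as f:
            f.write(b"\0")  # simulate media corruption after the manifest was written
        os.remove(os.path.join(root, "c.bin"))
        return verify_manifest(root, algo + "sum.txt")
```

Both digests flag the accidentally corrupted file identically; the choice of algorithm only matters once the manifest and the files can be altered deliberately, and a checksum file stored on the same medium does not address that case with either algorithm.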

