
Re: PREVIEW: bsign embeds hash and/or digital signature in ELF files



On Mon, Dec 14, 1998 at 05:27:58AM -0500, Zephaniah E, Hull wrote:
> On Mon, Dec 14, 1998 at 12:40:46AM +0100, Wichert Akkerman wrote:
> <snip>
> > This sounds like a very useful tool which can be used as an alternative
> > to tripwire.
> 
> Erm, if someone has access to change the binaries then it is no problem
> to also change the signature in said binaries..

If someone has access to your PGP key, then they can impersonate you.
If someone modifies a binary and signs it with a key you don't trust
then you can know that.  It isn't the presence of a signature that is
important.  It is the presence of a trusted signature, just
like...email.

> tripwire is basically useless if it's not on a hardware level read-only
> device, and I don't see how binaries having the signature in them is
> secure if one can change the binaries, which, if they can't do, there is
> little reason to use the signatures for security..

The hardware-level issue is interesting.  I can see one of two ways to
make signed binaries strongly secure.  Either use a smart-card
(hardware assisted cryptosystem), put all of the trusted public keys
on a read-only device, use NFS or another remote access method to read
the data on the target host.  Most people put their keys on the hard
disk which doesn't really help much since these could be tampered with.  I
agree there has to be a read-only component.  I think that it is far
better to have one datum immutable than all of the relevant data, aka
tripwire.  

> 
> Now, the signatures, checked through some outside (non writable) source,
> do look like a very nice idea.. (=:]

As I wrote.  

I recognize that this version has none of this.  The harder part of
the task is what I have already done.  Guaranteeing secure access to
keys is something already solved.

> 
> Zephaniah E, Hull.
> > 
> > Wichert.
> > 
> > -- 
> > ==============================================================================
> > This combination of bytes forms a message written to you by Wichert Akkerman.
> > E-Mail: wakkerma@cs.leidenuniv.nl
> > WWW: http://www.wi.leidenuniv.nl/~wichert/
> 
> 
> 
> -- 
>  PGP EA5198D1-Zephaniah E, Hull <warp@whitestar.soark.net>-GPG E65A7801
>     Keys available at http://whitestar.soark.net/~warp/public_keys.
>            CCs of replies from mailing lists are encouraged.
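
The distinction drawn in the reply above, between a signature being present and a signature being trusted, as an added example that is not part of the original message and is not bsign's code. A Lamport one-time hash-based signature stands in for the real signature scheme so the block runs on the standard library alone; the function names, the sample bytes and the in-memory `trusted` set (standing in for keys held on read-only media) are all assumptions.

```python
import hashlib, hmac, secrets

def H(b):
    return hashlib.sha256(b).digest()

def keygen():
    # Lamport one-time key pair: 256 pairs of secrets, public key = their hashes.
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    # Reveal one secret per digest bit; a key must sign only one message.
    return [sk[i][b] for i, b in enumerate(bits(msg))]

def fingerprint(pk):
    return hashlib.sha256(b"".join(a + b for a, b in pk)).hexdigest()

def check(binary, sig, pk, trusted):
    """Classify an embedded (sig, pk) pair against a trusted fingerprint set."""
    valid = len(sig) == 256 and all(
        hmac.compare_digest(H(s), pk[i][b])
        for i, (s, b) in enumerate(zip(sig, bits(binary))))
    if not valid:
        return "bad-signature"
    return "trusted" if fingerprint(pk) in trusted else "untrusted-signer"

def demo():
    vendor_sk, vendor_pk = keygen()
    # Stands in for the key list kept on read-only media (assumption).
    trusted = frozenset({fingerprint(vendor_pk)})
    original = b"\x7fELF constructed sample binary"
    original_sig = sign(vendor_sk, original)
    modified = original + b" (modified)"
    # Someone with write access can replace the embedded signature and key,
    # but cannot make the result match a fingerprint in the trusted set.
    other_sk, other_pk = keygen()
    return (check(original, original_sig, vendor_pk, trusted),
            check(modified, original_sig, vendor_pk, trusted),
            check(modified, sign(other_sk, modified), other_pk, trusted))

if __name__ == "__main__":
    print(demo())
```

The third result is the case the thread argues about: the replaced signature verifies, yet the check still fails because only the fingerprint set, the one datum that must be immutable, decides trust.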


