
Re: Crypto software that *is* exportable from the USA



> Bear Giles <bear@coyotesong.com> wrote:
> > The only things resilient to compromised servers are cryptographically 
> > signed cryptographic checksums.  Which requires PGP.  Which is not 
> > exportable.  And which requires a "chain of trust" to evaluate
> > whether to trust the key used to sign the checksum.
> 
> Actually...
> 
> for the case of a pre-planned upgrade, a simple md5sum check -- that
> the downloaded file has a md5sum which matches an archive which has
> already been examined and "seems clean" -- would be sufficient (at
> least in terms of mechanical integrity).

But you're biting your own tail here.  Where do you get that "good"
checksum?
 
You can't get it from the archive site, since a compromised archive
implies that the local MD5 checksum may also be compromised.  If the
attacker doesn't replace the checksums, great.  If he does ....

If you distribute it as part of your package, you can't load newer
packages... which makes the entire exercise academic.

If you distribute it from a "trusted" site, then compromising *that*
site results in the same problem.  

Even if you try to bootstrap the system, how do I know that the 
package I get was the one you wrote?  How do I know that the TLD
tables haven't been corrupted, or a DNS entry hijacked, or ....

And again, what is the problem you're trying to solve that requires
strong encryption in the mirroring software?  AFAIK, MD5 checksums
are *not* export restricted.

Bear Giles
bgiles@coyotesong.com
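
An added example, not part of the original message: it contrasts a checksum fetched from the same mirror as the package with a checksum signed under a key the user already holds. Assumptions: a Lamport one-time hash-based signature stands in for PGP so the code runs on the Python standard library alone, SHA-256 stands in for md5sum, every function name and package string is constructed for illustration, and the public key is taken to have reached the user out of band (the "chain of trust" question raised above is not solved here).

```python
import hashlib
import secrets

def H(data):
    return hashlib.sha256(data).digest()

def bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def keygen():
    # Lamport one-time key: 256 pairs of secrets; the public key is their hashes.
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def sign(sk, msg):
    # Reveal one secret per digest bit. A key must sign only one message.
    return [sk[i][b] for i, b in enumerate(bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits(msg))))

def checksum(package):
    return hashlib.sha256(package).hexdigest().encode()

def unsigned_check(package, mirror_checksum):
    # Checksum file fetched from the same mirror as the package.
    return checksum(package) == mirror_checksum

def signed_check(package, mirror_checksum, sig, pinned_pk):
    # The signature must verify under a key the user already holds.
    return verify(pinned_pk, mirror_checksum, sig) and checksum(package) == mirror_checksum

def demo():
    sk, pk = keygen()  # assumption: pk reached the user out of band
    good = b"constructed package 1.1"
    good_sum = checksum(good)
    sig = sign(sk, good_sum)
    # Compromised mirror: package and checksum file both replaced, old signature kept.
    bad = b"constructed package 1.1 with a change"
    bad_sum = checksum(bad)
    return {
        "unsigned accepts replaced package": unsigned_check(bad, bad_sum),
        "signed accepts replaced package": signed_check(bad, bad_sum, sig, pk),
        "signed accepts genuine package": signed_check(good, good_sum, sig, pk),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The unsigned check passes because the replaced checksum matches the replaced package; the signed check fails because the old signature does not cover the new checksum.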

