[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Crypto software that *is* exportable from the USA

> Bear Giles <bear@coyotesong.com> wrote:
> > But you're biting your own tail here.  Where do you get that "good"
> > checksum?
> 
> Any place which is acceptable to the package maintainer -- perhaps out
> of a pgp signed archive.

Remember, the start of this discussion was an (FTP) mirroring program
that got around encryption export laws by importing software from a
site in South Africa.

The problem isn't in *producing* a package, it's in *acquiring* that
package later.  What happens if someone successfully attacks a site
immediately before you mirror it?

MD5 checksums aren't adequate, since the attacker can forge new ones.
Cryptographically signed checksums don't help, since the software (at
time of export) can't include the software to verify them.  Downloading
PGP from the ZA site won't help because you can't verify *its* checksum.

Even if you hardcode in the signature for a known good copy of PGP,
download and verify it, then use it to download and verify the latest
version, *how do you know your original package was valid*?!  Maybe
the copy you downloaded actually downloads from blackhat.com.za.

> Bootstrapping is hard -- best you can do for the general case is compare
> notes after you've gotten a secure system up.

And that, it seems, is exactly the "problem" that this program seeks
to "fix."
  
Bear Giles
bgiles@coyotesong.com
Reply to: