[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: md5sums files

On Wed, Mar 03, 2010 at 02:39:05PM +0100, Harald Braumann wrote:
> On Wed, Mar 03, 2010 at 03:06:20AM +0100, Wouter Verhelst wrote:
> > In this day and age of completely and utterly broken MD5[0], I think we
> > should stop providing these files, and maybe provide something else
> > instead.  Like, I dunno, shasums? Or perhaps gpgsigs? But stop providing
> > md5sums.
> > 
> > Or is it useful to be able to say "if it doesn't check out, it's
> > certainly corrupt, and if it does check out, it may be corrupt"? Didn't
> > think so.
> As a means to check for filesystem corruptions or non-malicious changes,
> MD5 is good enough. So until we have something better, I guess they can
> stay.
> But it would be great if the whole chain, from beginning to end, was
> secured, even against a malicious and presumably very powerful attackers.
> That would need:
>   * Package signatures
>     Currently only the release file is signed, but if you have a package
>     lying around, there is no way to check its authenticity.
>   * Cryptographically strong hashes for all files in the package 
>     and a signature on the hash file.
>     Then you could really check the authenticity of all files on the system.
>     For the hash I would skip SHA-1 and move directly to SHA-256.
    * A way to easily create a bootable device (usb, cd, whatever) that
      will check everything is in order. Extra points if that is part of
      the rescue images on the install CDs.


Reply to: