[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian audititing tool?

On Tue, Dec 26, 2000 at 05:27:07PM +0300, dginsburg@mail.ru wrote:
> Of course plain md5 hashes are not very helpful. But we can keep MAC[1] for
> binaries. Tampering with MAC database is useless.
> ...
> [1] Message Authentication Code. One of possible ways to compute MAC is
> H(K,H(K,M)) where H is one-way hash function (MD5 or better SHA), K is key, M
> is message (protected binary).

Hey, I'm not very good at crypto; however, I was wondering what prevents the
intruder from regenerating the MAC data-base (and what is the point of the
double hashing you have stated as "H(K,H(K,M))"?).

Sorry if off-topic (though a nice critical note would be fine).

And don't forget to be gay (at least on Christmas),
Pavel M. Penev

Reply to: