Re: Debian audititing tool?
On Tue, Dec 26, 2000 at 05:27:07PM +0300, firstname.lastname@example.org wrote:
> Of course plain md5 hashes are not very helpful. But we can keep MAC for
> binaries. Tampering with MAC database is useless.
>  Message Authentication Code. One of possible ways to compute MAC is
> H(K,H(K,M)) where H is one-way hash function (MD5 or better SHA), K is key, M
> is message (protected binary).
Hey, I'm not very good at crypto; however, I was wondering what prevents the
intruder from regenerating the MAC data-base (and what is the point of the
double hashing you have stated as "H(K,H(K,M))"?).
Sorry if off-topic (though a nice critical note would be fine).
And don't forget to be gay (at least on Christmas),
Pavel M. Penev