On 2024-11-07 16:45:54 -0500 (-0500), David Campbell wrote:
[...]
> dpkg currently uses MD5 to verify packages, but MD5 is considered
> insecure, why not switch to SHA256 (and also update lintian)?
[...]

MD5 is considered insecure to collision attacks, but mounting one would require that the creator of the original file intentionally pick content that can hash to the same value as some malicious content (and even that is nontrivial, but let's set that aside for the moment).

https://en.wikipedia.org/wiki/Collision_attack

What you're probably worried about is preimage resistance of the algorithm (and in particular, second preimage resistance, which is what keeps some random attacker from creating a file which hashes to the same value as a known good file).

https://en.wikipedia.org/wiki/Preimage_attack

MD5's preimage resistance is not in question presently, that I've heard, and it would be pretty big news in the cryptography community if it were.

> Please, include my email address in the CC if you respond to this
> message. I am not subscribed to the mailing list.
[...]

Sorry, GMail doesn't accept messages from my mailserver, and I'm not going to bother jumping through hoops just to appease them. Anyone who's interested in Debian security matters should subscribe to the mailing list or read its archives in a Web browser at the very least.

-- 
Jeremy Stanley
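The distinction drawn in the reply above, as an added example that is not part of the original message: with MD5 truncated to 16 bits so that both searches finish in seconds, finding any colliding pair takes a few hundred hashes, while matching the digest of a file someone else already published takes tens of thousands. The truncation width, message prefixes and function names are assumptions made for the illustration; it generalizes the argument to an n-bit digest (about 2^(n/2) versus 2^n work) and says nothing about breaking full MD5.

```python
import hashlib
from statistics import mean

BITS = 16  # assumption: truncated width chosen so both searches finish quickly


def h(data: bytes) -> int:
    """First BITS bits of MD5(data); a deliberately tiny stand-in for a full digest."""
    return int.from_bytes(hashlib.md5(data).digest(), "big") >> (128 - BITS)


def find_collision(prefix: bytes):
    """Collision: the attacker picks BOTH inputs, any equal-digest pair will do."""
    seen = {}
    i = 0
    while True:
        msg = prefix + str(i).encode()
        d = h(msg)
        if d in seen:
            return seen[d], msg, i + 1  # two distinct messages, hashes computed
        seen[d] = msg
        i += 1


def find_second_preimage(target: bytes):
    """Second preimage: the attacker must match the digest of a fixed, known file."""
    want = h(target)
    i = 0
    while True:
        msg = b"forged-" + str(i).encode()
        if msg != target and h(msg) == want:
            return msg, i + 1  # forged message, hashes computed
        i += 1


def compare(trials: int = 8):
    """Average work for each search over several constructed inputs."""
    coll = [find_collision(b"c%d-" % t)[2] for t in range(trials)]
    pre = [find_second_preimage(b"known-good-%d" % t)[1] for t in range(trials)]
    return mean(coll), mean(pre)


if __name__ == "__main__":
    c, p = compare()
    print(f"{BITS}-bit digest: collision ~{c:.0f} hashes, second preimage ~{p:.0f} hashes")
```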