Bug#454666: marked as done (MD5 signatures provide no security)

To: "Eugene V. Lyubimkin" <jackyf.devel@gmail.com>
Subject: Bug#454666: marked as done (MD5 signatures provide no security)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Sun, 07 Dec 2008 09:39:09 +0000
Message-id: <[🔎] handler.454666.D454666.122864256724964.ackdone@bugs.debian.org>
References: <493B987B.9070007@gmail.com> <Pine.LNX.4.53.0712061409170.30849@www.pagansexcult.org>

Your message dated Sun, 07 Dec 2008 11:33:47 +0200
with message-id <493B987B.9070007@gmail.com>
and subject line state of #454666
has caused the Debian Bug report #454666,
regarding MD5 signatures provide no security
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
454666: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454666
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit@bugs.debian.org
Subject: MD5 signatures provide no security
From: bear@pagansexcult.org
Date: Thu, 6 Dec 2007 14:33:06 -0800 (PST)
Message-id: <Pine.LNX.4.53.0712061409170.30849@www.pagansexcult.org>

Package: dpkg
Version: 1.13.25
Severity: critical

Note: reported against the current version of dpkg,
but applies equally to all versions up to the present
time.

MD5 checksums are not secure.  A recently discovered
mathematical technique allows *ANY* document containing a
few attacker-chosen "random" blocks to have any chosen MD5
checksum. The paper is titled "Vulnerability of software
integrity and code signing applications to chosen-prefix
collisions for MD5" by Arjen Lenstra and Benne de Weger,
Bell Laboratories.  Full text is available online.[1]

In particular, it is now computationally feasible for
a single attacker with a desktop machine to modify any
executable of his or her choosing to have any desired
MD5 checksum.

Exploitation of this flaw would allow an attacker to
substitute arbitrary code for any legitimate Debian package
using a "man in the middle" attack undetected whenever a
user is installing new software, or to put up a debian
mirror site or repository containing arbitrary code
disguised as legitimate Debian software and having the same
checksums.

                Ray Dillinger



[1] http://www.win.tue.nl/hashclash/SoftIntCodeSign/

--- End Message ---

--- Begin Message ---

To: 454666-done@bugs.debian.org

Subject: state of #454666

From: "Eugene V. Lyubimkin" <jackyf.devel@gmail.com>

Date: Sun, 07 Dec 2008 11:33:47 +0200

Message-id: <493B987B.9070007@gmail.com>
Hello.

As already said by Sam Hocevar, this technique doesn't allows man-in-the-middle attack to
be done for Debian packages, because no one Debian Developer/Maintainer will append some
pieces of blob to Debian packages. So, MD5 provides security for Debian. Closing.

-- 
Eugene V. Lyubimkin aka JackYF, JID: jackyf.devel(maildog)gmail.com
Ukrainian C++ developer, Debian APT contributor
Attachment: signature.asc
Description: OpenPGP digital signature

--- End Message ---

Reply to:

Prev by Date: Processed: forcibly merging 64141 445311
Next by Date: Processed: retitle 458029 to [doc] package descriptions are unclear
Previous by thread: Processed: forcibly merging 64141 445311
Next by thread: Processed: retitle 458029 to [doc] package descriptions are unclear
Index(es):
- Date
- Thread