Bug#665921: apt: use all hashsums availble in secure APT

To: Christoph Anton Mitterer <calestyo@scientia.net>
Cc: 665921@bugs.debian.org
Subject: Bug#665921: apt: use all hashsums availble in secure APT
From: Daniel Hartwig <mandyke@gmail.com>
Date: Sat, 02 Mar 2013 18:32:07 +0800
Message-id: <[🔎] 87621a3xeg.fsf@gmail.com>
Reply-to: Daniel Hartwig <mandyke@gmail.com>, 665921@bugs.debian.org

Control: tags 423902 = wontfix
Control: tags 665921 = wontfix
Control: severity 665921 wishlist
Control: merge 423902 665921

Hello again Christoph, others

Thanks for your continued interest and feedback regarding security in
apt.

In Bug#423902, Colin Watson <cjwatson@debian.org> wrote:
> On Mon, May 14, 2007 at 10:20:18PM +0200, Thomas Geyer wrote:
> > Package: apt
> > Version: 0.6.46.4
> > Severity: wishlist
> > 
> > 
> > Collisions for md5 and sha1 were found allready,
> > so it's likely, that in the nearer future one of them alone won't be
> > safe enough.
> > 
> > Since it is harder to find collisions for two checksums than for one,
> > apt should use both of them at the same time for verifying packages.
>
> This demonstrates a common misconception about hash algorithm, I'm
> afraid. Search for "multicollisions" to find papers debunking the
> usefulness of this technique. In short, concatenating MD5 and SHA1 adds
> approximately six bits of security over using SHA1 alone, which is
> unlikely to be worth the computational effort of doing so.

In Bug#423902, Christoph Anton Mitterer <calestyo@scientia.net> wrote:
> Package: apt
> Version: 0.8.15.10
> Severity: important
> Tags: security

Downgrading the severity and removing security tag.  All potential
security issues are covered elsewhere (i.e. check md5 when sha256
available).  Not checking every digest has a negligible impact on
security.

> Hi.
>
> I hope this isn't a duplicate (with ~900 bugs, I may have overseen one ;-) ).
>
> APT uses hash sum verifications in many places (hopefully all).
>
> The files in /var/lib/apt/lists/ provide different kinds of hashsums (MD5, SHA*)
> in all "kinds" of files, Release, Packages and Sources.
>
> I made some simple tests, modifying these sums and doing actions.
>

> It seems that for different actions (I tried with apt-get "download" and "source"),
> different hashsums are looked at.
> E.g. for one of them it was "just" MD5, which is known to be quite weak now.

See <https://bugs.launchpad.net/bugs/1098738> and
<https://bugs.launchpad.net/bugs/1098752> for these issues.  The main
part of your post concerns this idea:

> May I suggest to do the following:
> Validate ALL available, and if only one of them fails, consider the verification
> to be failed.
>
> The above should be the default.

Colin's response adequately covers why this will not be done.

Merging and +wontfix as appropriate.

Regards

Reply to:

Prev by Date: Bug#678002: marked as done (apt-get dist-upgrade fails with: Internal Error, No file name for libbz2-1.0)
Next by Date: Processed: Re: Bug#665921: apt: use all hashsums availble in secure APT
Previous by thread: Bug#678002: marked as done (apt-get dist-upgrade fails with: Internal Error, No file name for libbz2-1.0)
Next by thread: Processed: Re: Bug#665921: apt: use all hashsums availble in secure APT
Index(es):
- Date
- Thread