Re: Integrity checking NANOBSD images

In message <>, Mike Tancsa writes:

With respect to prepending a random salt to the image, can you expand
what you mean ?

If you just run sha256 on the disk image, and the attacker
finds out, he will just run sha256 himself and record the result.

Arming a trojan to just do 'sleep 145 ; echo "sha256 = 0248482..."'
when you thing you're running sha256 would be trivia.

If you take a random hexstring of 16 digits and prepend to the
disk-image, then the output of the sha256 is not constant
and in order to simulate it, he has to have access to the disk
image to feed into sha256

Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk@xxxxxxxxxxx | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
freebsd-security@xxxxxxxxxxx mailing list
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"