The Ubuntu community has contributed 12357 ideas, 58479 comments, 1187050 votes
Idea
#7875: .deb integrity checks need improving. MD5 is cracked
|
| |
162
|
|
|
Written by zoubidoo the 30 Apr 08 at 11:30.
Category: Security.
Related to:
Nothing/Others.
Status: New
|
|
|
Description
When we download updates (deb files), we are vulnerable to attacks.
Recent results published by cryptographers say:
"MD5 should no longer be used as a hash function for software integrity or code signing purposes."
http://www.win.tue.nl/hashclash/SoftIntCodeSign/
http://www.mscs.dal.ca/~selinger/md5collision/
We really don't want some malicious code installed on nice clean ubuntu systems, keylogging, spamming, ddos'ing etc. And just imagine how quick the malicious code will be spread with apt updates.
So let's not wait for this to happen. We need to find an alternative cryptographic function. SHA-1 is not perfect but harder to crack. Does anyone know anything better?
Tags:
(none)
Attachments
No attachments.
Duplicates
Comments
|
Auzy wrote on the 30 Apr 08 at 12:25
| |
dupe
|
|
zoubidoo wrote on the 30 Apr 08 at 12:27
| |
@Auzy: Where? I didn't find any duplicates.
|
|
leu wrote on the 30 Apr 08 at 12:50
| |
idea #7831: Get away from md5 as hash-algorithm
|
|
gmatht wrote on the 1 May 08 at 02:52
|
This was discussed on Ubuntu Devel.
http://www.nabble.com/Securely-downloading-Ubuntu-td15136358.html
At this time MD5 is does its job since "We cannot target a given hash value, and produce a (meaningful) input bit string hashing to that given value." (from the link you gave). Rather the attacke needs to be able to control at least the end of the original file. If attackers can control the original files (which we are signing) then it is already game over.
Never-the-less, it was the consensus that we should migrate to stronger signatures.
|
|
ewanm89 wrote on the 1 May 08 at 10:20
|
Well, ubuntu GPG signs them, which is a good way to go.
Gentoo checks many different hashes on the source files, MD5, SHA1, RIPMED... of course this makes checks longer to execute.
|
Post your comment
|
|
|
