WebApp Sec mailing list archives

Re: Code Signing ???

From: Saqib Ali <docbook.xml () gmail com>
Date: Mon, 5 Sep 2005 07:14:38 -0700

On 9/5/05, Olaf Reitmaier Veracierta <olafrv () gmail com> wrote:

Attacking Hash Functions by Poisoned Messages - "The Story of Alice and her
Boss" http://www.cits.rub.de/MD5Collisions/


you know you can use SHA1 in Code Signing, instead of md5.

In any case, a "Collision Attack <
http://en.wikipedia.org/wiki/Collision_attack >" will not suffice in
tempering with arbitrary (given) piece of code from a legitimate
vendor.
A "Pre-image Attack < http://en.wikipedia.org/wiki/Pre-image_attack >
attack" IS REQUIRED for that.

A collision attack on code-signing will work only if the attacker is
writing both the innocuous and the malicious programs. In that case
why would you trust even a innocuous program from an attacker (known
mal-ware developer) ????

Th distinction between a "pre-image attack" vs a "collision attack" is
very critical when it comes to code signing.

-- 
In Peace,
Saqib Ali
http://www.xml-dev.com/blog/
Consensus is good, but informed dictatorship is better.

Current thread:

Code Signing ??? Saqib Ali (Aug 14)
- Re: Code Signing ??? Devdas Bhagat (Aug 14)
  - Re: Code Signing ??? Saqib Ali (Aug 15)
    - Re: Code Signing ??? Saqib Ali (Sep 04)
    - Re: Code Signing ??? Olaf Reitmaier Veracierta (Sep 05)
    - Re: Code Signing ??? Saqib Ali (Sep 05)