[Buildroot] [PATCH 2/4] pkg-infra: add possiblity to check downloaded files against known hashes

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Yann E. MORIN <yann.morin.1998@free.fr>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH 2/4] pkg-infra: add possiblity to check downloaded files against known hashes
Date: Sat, 7 Nov 2020 22:32:31 +0100	[thread overview]
Message-ID: <20201107213231.GC3971474@scaer> (raw)
In-Reply-To: <87y2jdxekx.fsf@dell.be.48ers.dk>

Peter, All,

On 2020-11-07 18:27 +0100, Peter Korsgaard spake thusly:
[--SNIP--]
>  > One thing we may consider adding to reinforce our robustness, is to
>  > store the file size in the hash file, in addition to the hash, e.g.:
[--SNIP--]
>  > This would protect against size-extension attacks, which afaiu are the
>  > only attacks really considered for now against sha2 [1]...
[--SNIP--]
> I wonder if the gain is worth the extra complexity for our users and in
> the implementation.

The implementation is pretty trivial. I have more changes against the
manual than I have against the code...

> Are there are any realistic size extension attacks
> against sha256?

Good question... At least, it looks like it was known from the onset,
during the standardisation process:

    https://www.cryptologie.net/article/417/how-did-length-extension-attacks-made-it-into-sha-2/
    http://www.cs.utsa.edu/~wagner/CS4363/SHS/dfips-180-2-comments1.pdf (comment #3)

And the following seems to imply it is pretty trivial (for a seasoned
cryptographer at least):

    https://www.whitehatsec.com/blog/hash-length-extension-attacks/
    https://blog.skullsecurity.org/2012/everything-you-need-to-know-about-hash-length-extension-attacks

So yes, it looks like length extension attacks (LEA) are easy...

However, now that I've read a bit more, especially that last article, I
doubt we'd be susceptible to such attacks. Indeed, LEA target MACs, that
is signatures. We're not using hashes that way; we just hash files, not
secrets.

So maybe this is not so interesting to add the size to the hash file...

Crypto is hard, damit... ;-)

Regards,
Yann E. MORIN.

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'

next prev parent reply	other threads:[~2020-11-07 21:32 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-07-03 19:36 [Buildroot] [PATCH 0/4 v11] Some download-related changes (branch yem/check-downloads) Yann E. MORIN
2014-07-03 19:36 ` [Buildroot] [PATCH 1/4] pkg-infra: don't use DL_DIR as scratchpad for temporary downloads Yann E. MORIN
2014-07-04 21:35   ` Peter Korsgaard
2014-07-04 22:15     ` Yann E. MORIN
2014-07-03 19:36 ` [Buildroot] [PATCH 2/4] pkg-infra: add possiblity to check downloaded files against known hashes Yann E. MORIN
2014-07-04 21:49   ` Peter Korsgaard
2020-11-05 18:38   ` Bernd Kuhls
2020-11-05 21:12     ` Yann E. MORIN
2020-11-06 20:28       ` Bernd Kuhls
2020-11-07 17:27       ` Peter Korsgaard
2020-11-07 21:32         ` Yann E. MORIN [this message]
2020-11-08 17:14           ` Peter Korsgaard
2014-07-03 19:36 ` [Buildroot] [PATCH 3/4] manual: add documentation about packages' hashes Yann E. MORIN
2014-07-04 21:50   ` Peter Korsgaard
2014-07-03 19:36 ` [Buildroot] [PATCH 4/4] package/ca-certificates: add tarball's hashes Yann E. MORIN
2014-07-04 21:50   ` Peter Korsgaard

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20201107213231.GC3971474@scaer \
    --to=yann.morin.1998@free.fr \
    --cc=buildroot@busybox.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.