Verify the integrity of downloaded archives

Verify the integrity of downloaded archives

[sMoTo]

[-- Attachment #1: Type: text/plain, Size: 238 bytes --]

Hello,
 
how can I verify the integrity of the archives offered on the project
page? Is there any possibility? How can I be sure not to work with
corrupted data? 
 
Best regards.
 
### Oliver Fritz
### Singerstrasse 80
### 10243 Berlin
 

[-- Attachment #2: Type: text/html, Size: 4999 bytes --]

Re: Verify the integrity of downloaded archives

[Bill Laut]

While I'd love to meet a hacker who could successfully break into the NSA's 
website to install a Trojan (;-), Oliver does bring up a good point.  As 
SELinux gains a wider audience it would be reasonable to anticipate the 
distro eventually getting mirrored at other sites.  Since the use of digital 
signatures as an integrity-check is now commonplace within the Linux 
community, would it be reasonable to start posting signatures on the NSA 
website?

Bill


On Wednesday 05 November 2003 03:26 pm, sMoTo wrote:
> Hello,
>
> how can I verify the integrity of the archives offered on the project
> page? Is there any possibility? How can I be sure not to work with
> corrupted data?
>
> Best regards.
>
> ### Oliver Fritz
> ### Singerstrasse 80
> ### 10243 Berlin


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Verify the integrity of downloaded archives

[Stephen Smalley]

On Thu, 2003-11-06 at 01:11, Bill Laut wrote:
> While I'd love to meet a hacker who could successfully break into the NSA's 
> website to install a Trojan (;-), Oliver does bring up a good point.  As 
> SELinux gains a wider audience it would be reasonable to anticipate the 
> distro eventually getting mirrored at other sites.  Since the use of digital 
> signatures as an integrity-check is now commonplace within the Linux 
> community, would it be reasonable to start posting signatures on the NSA 
> website?

Possibly.  Since we originally released SELinux as a proof of concept /
reference implementation and it has never been intended to be a Linux
distribution unto itself (although it can be incorporated into one),
this hasn't been a major concern in the past.  However, I understand the
concern.  On the other hand, on what basis would you trust the key used
to sign the archives and patches?

-- 
Stephen Smalley <sds@epoch.ncsc.mil>
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Verify the integrity of downloaded archives

[Dean Anderson]

Well, you don't have to break into the NSA to alter the NSA downloads. All
you need is an ISP in the middle.  More to the point, when the distro is
mirrored, the mirror and the download path is vulnerable.

Key trust is a matter of time.  I see the Stephen's point of view, but I
think the NSA must think that information usually depreciates. In the case
of a public key, it appreciates. A key that was obtained good last month,
appeared valid last month, and hasn't been reported compromised in the
meantime is probably more trustworthy than a certificate just obtained at
the same time as the download which it will be used to check.  So that is
how I base trust in the key used to sign the distributions.  The value
cycle of a key is like that of a boat: It appreciates for a time, and then
expires, and the value collapses.

The NSA does not need to obtain a certificate from Verisign** or some
other CA in order to have trusted public keys.  It just needs to be able
to distribute them widely, so that they can appreciate in value.


** No doubt it would be totally upsidedown to the NSA to have Verisign or
some other company vouch for the NSA.  How ridiculous.  That is like
having a private certify the orders of a general.  Although, as I write
this, I wonder what Cert's the NSA uses on its secure web sites...  I
would think that the NSA would have its own Certificate Authority, as its
mission is to provide communications security for government
organizations, some of which must have their own secure web pages.  If it
has a CA, and the CA certificate is commercially distributed, then getting
a cert to sign the distro should be a matter of internal paperwork, No?

		--Dean

On 6 Nov 2003, Stephen Smalley wrote:

> On Thu, 2003-11-06 at 01:11, Bill Laut wrote:
> > While I'd love to meet a hacker who could successfully break into the NSA's
> > website to install a Trojan (;-), Oliver does bring up a good point.  As
> > SELinux gains a wider audience it would be reasonable to anticipate the
> > distro eventually getting mirrored at other sites.  Since the use of digital
> > signatures as an integrity-check is now commonplace within the Linux
> > community, would it be reasonable to start posting signatures on the NSA
> > website?
>
> Possibly.  Since we originally released SELinux as a proof of concept /
> reference implementation and it has never been intended to be a Linux
> distribution unto itself (although it can be incorporated into one),
> this hasn't been a major concern in the past.  However, I understand the
> concern.  On the other hand, on what basis would you trust the key used
> to sign the archives and patches?
>
> --
> Stephen Smalley <sds@epoch.ncsc.mil>
> National Security Agency
>
>
> --
> This message was distributed to subscribers of the selinux mailing list.
> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
> the words "unsubscribe selinux" without quotes as the message.
>

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Verify the integrity of downloaded archives

[Brian May]

On Thu, Nov 06, 2003 at 05:15:11PM -0500, Dean Anderson wrote:
> Well, you don't have to break into the NSA to alter the NSA downloads. All
> Key trust is a matter of time.  I see the Stephen's point of view, but I
> think the NSA must think that information usually depreciates. In the case
> of a public key, it appreciates. A key that was obtained good last month,

The longer a public key is available, the more chance attackers have had
to steal the corresponding private key...
-- 
Brian May <bam@snoopy.apana.org.au>

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

RE: Verify the integrity of downloads

[Operations Staff]

[-- Attachment #1: Type: text/plain, Size: 792 bytes --]

In this case the demand is not high enough to require a mirror.
This seems a bit early in the game to focus on. The
NSA has excellent connections/servers. I doubt distribution
will be a problem anytime soon.
 
Joop Cousteau
lite-bulb security team


On Thu, Nov 06, 2003 at 05:15:11PM -0500, Dean Anderson wrote:
> Well, you don't have to break into the NSA to alter the NSA downloads. All
> Key trust is a matter of time.  I see the Stephen's point of view, but I
> think the NSA must think that information usually depreciates. In the case
> of a public key, it appreciates. A key that was obtained good last month,

The longer a public key is available, the more chance attackers have had
to steal the corresponding private key...
--
Brian May bam@snoopy.apana.org.au


[-- Attachment #2: Type: text/html, Size: 2240 bytes --]

Re: Verify the integrity of downloads

[Russell Coker]

On Fri, 7 Nov 2003 17:05, Operations Staff wrote:
> In this case the demand is not high enough to require a mirror.
> This seems a bit early in the game to focus on. The
> NSA has excellent connections/servers. I doubt distribution
> will be a problem anytime soon.

A letter was published in the November issue of Linux Journal from a user in 
the Netherlands who complains about never getting access to the NSA web site 
and who suspects that the Netherlands has been blocked.

I don't believe that the Netherlands has been blocked, I had no problems 
downloading SE Linux files when I lived there and Paul Dwerryhouse (who lives 
there now) appears not to have any problems.

But in any case at least one person has a good cause to want a mirror of the 
NSA site.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Verify the integrity of downloads

[Dean Anderson]

Certain ISPs in the Netherlands permit scanning that other ISPs think is
inappropriate.  Thus, said ISPs are blocked from entering the US by
certain American ISPs.  This could affect the NSA public sites, I suppose.

On the other hand, it could the user's ISP that is blocking the NSA...
One used to be able to tell where the block was by the ICMP error return,
but some many ISPs are blocking ICMP these days that it is hard to tell
what is wrong, or where.

		--Dean

On Sun, 9 Nov 2003, Russell Coker wrote:

> On Fri, 7 Nov 2003 17:05, Operations Staff wrote:
> > In this case the demand is not high enough to require a mirror.
> > This seems a bit early in the game to focus on. The
> > NSA has excellent connections/servers. I doubt distribution
> > will be a problem anytime soon.
>
> A letter was published in the November issue of Linux Journal from a user in
> the Netherlands who complains about never getting access to the NSA web site
> and who suspects that the Netherlands has been blocked.
>
> I don't believe that the Netherlands has been blocked, I had no problems
> downloading SE Linux files when I lived there and Paul Dwerryhouse (who lives
> there now) appears not to have any problems.
>
> But in any case at least one person has a good cause to want a mirror of the
> NSA site.
>
> --
> http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
> http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
> http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
> http://www.coker.com.au/~russell/  My home page
>
>
> --
> This message was distributed to subscribers of the selinux mailing list.
> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
> the words "unsubscribe selinux" without quotes as the message.
>

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Verify the integrity of downloads

[Russell Coker]

On Tue, 11 Nov 2003 12:05, Dean Anderson wrote:
> Certain ISPs in the Netherlands permit scanning that other ISPs think is
> inappropriate.  Thus, said ISPs are blocked from entering the US by
> certain American ISPs.  This could affect the NSA public sites, I suppose.

Every ISP that has any customers permits scanning that some ISPs won't like.  
If you lock down customers too much they go elsewhere.  The solution to such 
problems is to avoid getting hosting through American ISPs that put in stupid 
filters.

> On the other hand, it could the user's ISP that is blocking the NSA...

Unlikely.  Blocking web servers makes the ISP an "editor" of the Internet 
content (and therefore legally liable to some degree for what they don't 
censor).  This is why hardly any ISPs block the truely objectionable 
material.

> One used to be able to tell where the block was by the ICMP error return,
> but some many ISPs are blocking ICMP these days that it is hard to tell
> what is wrong, or where.

If we got in contact with the person who reported this problem then we could 
probably track it down in a small amount of time.  The real problem here is 
that we don't even have contact with the person who had the problem (and lots 
of people want to download SE Linux without identifying themselves, so 
presumably they aren't the only one).

For the record anyone who has problems downloading SE Linux related files from 
the NSA site can contact me by email or IRC (I am usually on #selinux on 
irc.freenode.net) and I'll help track it down.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Verify the integrity of downloads

[Howard Holm]

I'm sure Russell would do his best to help, but if you contact me, I
might be able to be of more immediate help.  Of course, if you are
having trouble reaching NSA's web servers you may also be having trouble
reaching our mail servers.  If my primary e-mail address (below) isn't
working for you, you're welcome to try hdholm@users.sourceforge.net.

On Wed, 2003-11-12 at 18:54, Russell Coker wrote:
> For the record anyone who has problems downloading SE Linux related files from 
> the NSA site can contact me by email or IRC (I am usually on #selinux on 
> irc.freenode.net) and I'll help track it down.

-- 
Howard Holm <hdholm@epoch.ncsc.mil>
Office of Defensive Computing Research
National Security Agency

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Verify the integrity of downloads

[Dean Anderson]

On Thu, 13 Nov 2003, Russell Coker wrote:

> On Tue, 11 Nov 2003 12:05, Dean Anderson wrote:
> > Certain ISPs in the Netherlands permit scanning that other ISPs think is
> > inappropriate.  Thus, said ISPs are blocked from entering the US by
> > certain American ISPs.  This could affect the NSA public sites, I suppose.
>
> Every ISP that has any customers permits scanning that some ISPs won't
> like.  If you lock down customers too much they go elsewhere.  The
> solution to such problems is to avoid getting hosting through American
> ISPs that put in stupid filters.

Well, Av8 doesn't have any such customers.  Few ISPs do. And mostly, the
ISPs that have such customers respond positively to complaints about such
scanning, and make the customers knock it off.  Some certain Netherlands
ISPs do not.  I would offer to be a mirror site, but very likely, we are
also blocking this Netherlands ISP, or will be soon.

Probably the solution is to avoid getting service through a Netherlands
ISP that permits this scanning.  It should not be overlooked that the
purpose of this scanning is to obtain information and/or crash computers,
or contact virus-infected machines.  There is no legitimate purpose to
this scanning activity.  At best it is mischief and frequently, it is
criminal.

> > On the other hand, it could the user's ISP that is blocking the NSA...
>
> Unlikely.  Blocking web servers makes the ISP an "editor" of the Internet
> content (and therefore legally liable to some degree for what they don't
> censor).  This is why hardly any ISPs block the truely objectionable
> material.

The "editor"-ness would be true of either ISP.  Why is it more likely for
one ISP to be blocking than for the other ISP to be blocking?  I left out
the case that it might be an ISP in the middle. But that is also possible.

But since the netherlands ISP doesn't have to worry about US law, and
presumably doesn't have to worry about the editing of content from the US
government, it seems to me that of the (minimum) two ISPs involved, the
Netherlands ISP probably has the least liability for blocking.

> > One used to be able to tell where the block was by the ICMP error
> > return, but some many ISPs are blocking ICMP these days that it is
> > hard to tell what is wrong, or where.
>
> If we got in contact with the person who reported this problem then we
> could probably track it down in a small amount of time.  The real
> problem here is that we don't even have contact with the person who had
> the problem (and lots of people want to download SE Linux without
> identifying themselves, so presumably they aren't the only one).

True enough. That is why most ISPs don't accept abuse reports that don't
identify the parties involved.  Certain anti-s*am sites send abuse reports
in which the victim's address is removed.

		--Dean


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Verify the integrity of downloads

[Howard Holm]

We're starting to drift a little off topic folks.  If you have comments
specific to accessing SELinux or verifying SELinux downloads, great. 
But lets take the more general discussion of ISP blocking, scanning,
etc. elsewhere.

Thanks.

-- 
Howard Holm <hdholm@epoch.ncsc.mil>
Office of Defensive Computing Research
National Security Agency

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Verify the integrity of downloaded archives

[James de Lurker]

Stephen Smalley wrote:

> On Thu, 2003-11-06 at 01:11, Bill Laut wrote:

[..]

>>SELinux gains a wider audience it would be reasonable to anticipate the 
>>distro eventually getting mirrored at other sites.

It already is! I frequently use the "Wiretapped" Australian site as a
convenient place that centralises security related stuff. Recommended.

   ftp://ftp.wiretapped.net/pub/security/operating-systems/selinux/
   http://www.wiretapped.net/


>>.............................................  Since the use of digital 
>>signatures as an integrity-check is now commonplace within the Linux 
>>community, would it be reasonable to start posting signatures on the NSA 
>>website?

A list of MD5s against files, itself wrapped in a digital signature would 
be extremely useful. Authentication is nice, to eliminate the possible of
MiM attacks on ftp delivery ( or directly compromised ftp services, as has
already happened, with some key open source applications ).

For the most part, integrity checking against accidental damage rather than 
malicious tampering is needed. Even better - "par" Reed Solomon matrix
error correction files in the file groups are a great way of checking 
against storage media degradation. Fix the damage rather than only detect
it after downloading a particularly large archive file, or ISO image.

    http://parchive.sourceforge.net/


[..]
>...........On the other hand, on what basis would you trust the key used
> to sign the archives and patches?
> 

Not perfect, but a "Web of Trust" that incorporated contributors I've met.
Russell, to name but one. A separate "site key" that had such authority,
with appropriate disclaimers for the NSA's purposes of course... Reasonably 
confident that a suitable exchange protocol could be established by private
email from the regulars that have met in person, to make remote key signing
exchanges of a site signature key viable.

How does that sound?

-- 

   -- James

 From and Reply To are INVALID.

All public postings use munged headers[1]- To contact me off list:
   1) Remove "M U N G I E j u m p" ONLY: leave that "nospam" in there!
   2) change "hotmail" 2 "myrealbox" after the @



--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Verify the integrity of downloaded archives

[Bill Laut]

On Thursday 06 November 2003 09:24 am, Stephen Smalley wrote:
> On Thu, 2003-11-06 at 01:11, Bill Laut wrote:
> > While I'd love to meet a hacker who could successfully break into the
> > NSA's website to install a Trojan (;-), Oliver does bring up a good
> > point.  As SELinux gains a wider audience it would be reasonable to
> > anticipate the distro eventually getting mirrored at other sites.  Since
> > the use of digital signatures as an integrity-check is now commonplace
> > within the Linux community, would it be reasonable to start posting
> > signatures on the NSA website?
>
> Possibly.  Since we originally released SELinux as a proof of concept /
> reference implementation and it has never been intended to be a Linux
> distribution unto itself (although it can be incorporated into one),
> this hasn't been a major concern in the past.  However, I understand the
> concern.  On the other hand, on what basis would you trust the key used
> to sign the archives and patches?
>

I'm not certain what you mean by "trust."  If you're implying a CA like 
Verisign, no way.  Firstly, that would be overkill.  Secondly, the idea of 
NSA going to Verisign for credentials is, well, politically distasteful to 
say the least and would undoubtedly engender all sorts of unintended 
consequences, political and otherwise.

As to the trustworthiness of the algorithms, I'm not aware of successful 
published attacks on DSA, et al.  The only one that comes to mind is RC5 
which IIRC a German cryptogapher nearly all but broke back around 1996.  If 
anyone has better knowledge please feel free to post it.

As for "trust" defined by the security of the NSA's website, well, that was 
why I put the "winking-face" icon after my opening sarcasm:  If there's one 
website that's "hacker-proof," it is the NSA's home page and which is why I 
and undoubtedly others chuckled at Oliver's innocent cheek.

I understand what you said about SELinux being a research project that was 
never intended as a Linux distro unto itself.  Perhaps my use of "distro" was 
a poor choice to describe the two-part downloads of the patched kernel and 
userland archive.  Nevertheless, now that it's mainstreamed as of v2.6 
SELinux is going to gain a much wider audience and as it does it will explode 
worldwide throughout the Linux community.  (As a former free-lance consultant 
I haven't seen "bottled lightning" this potent since the Internet achieved 
critical mass around 1991/92, but that's for another thread.)

While I believe anyone is secure in downloading SELinux from the NSA's 
website, as Jim mentioned there's already enough interest in it that other 
websites have begun mirroring SELinux.  And therein lies the problem.  As 
SELinux's popularity grows it will eventually come under attack by whoever 
has an agenda to push, if only because it carries the NSA's imprimatur.  If 
they can't attack it on the NSA's website they'll go to other, less secure 
mirrors to do so.  Therefore, in order to pre-empt all of that I'm 
questioning if now wouldn't be the appropriate time to consider some sort of 
digital signing strategy.

Anyway, to finish answering your question concerning key trust:  It wouldn't 
have to be complicated.  Perhaps nothing more than just the usual PGP 
detached signature, one for each download, with the signing done on an 
air-gapped PC and the public key and sigs distributed on the NSA's website, 
with the public key included in the patched kernel's Documentation directory 
as distributed by www.kernel.org and/or maybe uploaded to a number of public 
keyservers.

Does this sound reasonable?  Am I forgetting or overlooking anything?

Bill



--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: Verify the integrity of downloaded archives

[Russell Coker]

On Fri, 7 Nov 2003 01:24, Stephen Smalley wrote:
> On Thu, 2003-11-06 at 01:11, Bill Laut wrote:
> > While I'd love to meet a hacker who could successfully break into the
> > NSA's website to install a Trojan (;-), Oliver does bring up a good
> > point.  As SELinux gains a wider audience it would be reasonable to
> > anticipate the distro eventually getting mirrored at other sites.  Since
> > the use of digital signatures as an integrity-check is now commonplace
> > within the Linux community, would it be reasonable to start posting
> > signatures on the NSA website?
>
> Possibly.  Since we originally released SELinux as a proof of concept /
> reference implementation and it has never been intended to be a Linux
> distribution unto itself (although it can be incorporated into one),
> this hasn't been a major concern in the past.  However, I understand the
> concern.  On the other hand, on what basis would you trust the key used
> to sign the archives and patches?

I think that the correct proceedure is for a GPG key to be established for the 
sole purpose of signing SE Linux releases.  Then that key would be signed by 
keys from you, Howard, and Pete Loscocco (the three NSA people who seem to 
meet the most people who are in the web of trust).

Then once you get your keys signed by a few people I think that everyone will 
be satisfied by the key integrity.

This is essentially the same proceedure that is used for the kernel source 
signatures on kernel.org.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.