Re: DSA GnuPG signatures

["Vladimir 'φ-coder/phcoder' Serbinenko" <phcoder@gmail.com>]

[-- Attachment #1: Type: text/plain, Size: 1788 bytes --]

On 31.01.2013 13:49, Andrey Borzenkov wrote:

> В Fri, 11 Jan 2013 21:54:22 +0100
> Vladimir 'φ-coder/phcoder' Serbinenko <phcoder@gmail.com> пишет:
> 
>> Hello, all. I've just committed import of libgcrypt and implementation
>> of related code to check signatures. Short usage:
>> verify_detached FILE FILE.sig [pubkey.gpg]
>> trust KEY.gpg
>> distruct KEYID
>> check_signatures=[enforce|no]
>>
>> grub-mkimage -k KEY gcry_dsa verify [...]
>>
>> When check_signatures=enforce every time anthing tries to open a file
>> its signature (file.sig) is looked for and the open fails if signature
>> is absent or invalid.
> 
> There is no protection against file modification after signature was
> verified. Is it intentional (i.e. it is not considered as viable
> threat)?

That is indeed a problem.

> One possibility is to cache file in memory on first open,
> which ensures it cannot be modified externally.

Possible but works only on relatively small files. For bigger files we
need to make a chunk hash list. I'll add the easy part now and if ever
needed we can add more difficult part as well.

> 
>> Some limitations:
>> 1) DSA keys only. RSA is more tricky since it needs padding and RSA
>> should be progressively phased out, not put into new places due to some
>> vulnerabilities (large classes of semiprimes are factorisable up to the
>> point when a lot of care has to be taken to avoid them).
>> 2) Not efficient. Checking every file is slow. Some hashlists should be
>> implemented.
>> 3) Not efficient. File is read twice though it's avoidable in many cases.
> 
> 
> 
> _______________________________________________
> Grub-devel mailing list
> Grub-devel@gnu.org
> https://lists.gnu.org/mailman/listinfo/grub-devel




[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 294 bytes --]