Subject: Re: Verifying a kernel.
To: Steven M. Bellovin <smb@cs.columbia.edu>
From: Tonnerre <tonnerre@thundrix.ch>
List: tech-kern
Date: 07/20/2005 21:42:47
--UHN/qo2QbUvPLonB
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Salut,
On Wed, Jul 20, 2005 at 12:15:10PM -0400, Steven M. Bellovin wrote:
> There's a subtle distinction here between a *safety* algorithm and a=20
> *security* algorithm. The former deals with naturally-occuring=20
> failures; the latter deals with enemy action. The two are not the=20
> same. If I (and Jason) correctly understand Matt's question, we're=20
> talking about a safety algorithm. MD5 is fine for that. CRC32 is=20
> probably not, though -- the size of the kernel is such that the=20
> probability of an undetected error is too high.
I wonder how the likelyhood of a collission using the Cyclic Redundancy
Check, maybe even on more than 32 bits, outweights the additional load
the unnecessary "data shuffling" in MD5 and friends, whereas the key space
of MD5 is even significantly diminished. If it's not about security,
a cyclic redundancy check is perfectly enough. I could even produce an
even simpler function that takes care of a sufficient output length.
Please note as well that you need 4G of data until you have a guaranteed
collision.
pauli% ls -lh /netbsd
-rwxr-xr-x 1 root wheel 2.8M May 7 03:03 /netbsd
pauli%=20
Tonnerre
--UHN/qo2QbUvPLonB
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (NetBSD)
iD8DBQFC3qk3XUVlAbfmNMIRAqbCAJ4v3bVpC2OwmdxNh531ffcCCgtxOACgrMVs
0CjIoKRkuV7z0P3ftV1U4Hw=
=D728
-----END PGP SIGNATURE-----
--UHN/qo2QbUvPLonB--