[Gllug] Bittorrent and security?

Russell Howe rhowe at wiss.co.uk
Mon Aug 23 14:19:58 UTC 2004


On Mon, Aug 23, 2004 at 02:54:40PM +0100, Richard Hall wrote:
> Bittorrent will distribute the CD image using blocks of a fixed size 
> (usually 1 meg or something similar)  you will be  downloading from 
> different people, it is indeterminate as to which block will be from who, 
> and the master torrent file has MD5 hash values for each block.   While 
> it is possible to generate a different block that would still match the 
> MD5 hash this block would be of nonsense data as the likelihood of being 
> able to generate different AND meaningful code which matched the MD5 
> hash of the original code is mathematically infeasible.   So someone 
> would be able to break a portion of the CD (which would then fail the 
> final MD5 check of the whole CD image)  I don't believe they would be 
> able to Trojan it without being able to access and change the original 
> torrent file, which you should download from a trusted source.

So, the torrent file contains MD5(?) hashes of chunks of the file, and
the Debian mirrors likely have hashes or PGP/GPG(?) cryptographic
signatures of the complete ISO.

If they provide cryptographic signatures of the .torrent file, then you
should be fairly safe.

There are rumours flying around that people have managed to find
collisions in MD5, or at least something pretty similar to MD5, so the
chance of someone managing to craft a chunk of data which matches the
signature in the .torrent is potentially almost kinda feasible.

The chance of that chunk also being valid in the context of an ISO9660
filesystem is pretty unlikely, I guess, and the chance of the combined
image also checking out OK after verifying the cryptographic signature
for the entire image is likely quite remote.

So, if you can get a signed .torrent file, and a GPG signature for the
entire file, and check both of them to make sure they check out, you
should be fairly confident that you have an image that has been OK'ed by
some Debian developer somewhere.

This is unlikely to happen for nightly builds or anything like that, but
for releases I'd expect them to do something like this.

(There's no reason that it has to be PGP/GPG and MD5, but that's what
I've seen the Debian people using in the past)

-- 
Russell Howe       | Why be just another cog in the machine,
rhowe at siksai.co.uk | when you can be the spanner in the works?
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
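
An added example, not part of the original post: the two checks discussed in this thread (per-piece digests from the .torrent, then a digest of the whole image) in Python. BitTorrent's metainfo format stores 20-byte SHA-1 digests in `pieces`; the SHA-256 whole-image digest, the sample data and the helper names are assumptions, and checking the GPG signatures on the .torrent and checksum file is assumed to happen separately.

```python
import hashlib

def bdecode(data, i=0):
    """Minimal bencode decoder; returns (value, index after value)."""
    c = data[i:i + 1]
    if c == b"i":                                   # integer: i<digits>e
        end = data.index(b"e", i)
        return int(data[i + 1:end]), end + 1
    if c in (b"l", b"d"):                           # list / dict: l...e, d...e
        items, i = [], i + 1
        while data[i:i + 1] != b"e":
            value, i = bdecode(data, i)
            items.append(value)
        if c == b"l":
            return items, i + 1
        return dict(zip(items[0::2], items[1::2])), i + 1
    colon = data.index(b":", i)                     # string: <len>:<bytes>
    n = int(data[i:colon])
    return data[colon + 1:colon + 1 + n], colon + 1 + n

def bad_pieces(torrent, image):
    """Indexes of pieces whose SHA-1 differs from the digest in the metainfo."""
    info = bdecode(torrent)[0][b"info"]
    plen, digests = info[b"piece length"], info[b"pieces"]
    want = [digests[k:k + 20] for k in range(0, len(digests), 20)]
    have = [image[k:k + plen] for k in range(0, len(image), plen)]
    if info[b"length"] != len(image) or len(want) != len(have):
        raise ValueError("image size does not match the metainfo")
    return [n for n, (chunk, d) in enumerate(zip(have, want))
            if hashlib.sha1(chunk).digest() != d]

def image_ok(image, published_hex, algo="sha256"):
    """Whole-image check against a digest taken from a signed checksum file."""
    return hashlib.new(algo, image).hexdigest() == published_hex.lower()

def make_torrent(image, plen, name=b"test.iso"):
    """Build a constructed single-file metainfo for the demo (keys in sorted order)."""
    pieces = b"".join(hashlib.sha1(image[k:k + plen]).digest()
                      for k in range(0, len(image), plen))
    return (b"d4:infod6:lengthi%de4:name%d:%s12:piece lengthi%de6:pieces%d:%see"
            % (len(image), len(name), name, plen, len(pieces), pieces))

# Constructed sample data: a 4 KiB stand-in "image" split into 1 KiB pieces.
IMAGE = bytes(range(256)) * 16
TORRENT = make_torrent(IMAGE, 1024)
PUBLISHED = hashlib.sha256(IMAGE).hexdigest()       # stands in for the signed checksum
TAMPERED = IMAGE[:2053] + b"\xff" + IMAGE[2054:]    # one byte changed in piece 2

if __name__ == "__main__":
    print(bad_pieces(TORRENT, IMAGE), bad_pieces(TORRENT, TAMPERED))
    print(image_ok(IMAGE, PUBLISHED), image_ok(TAMPERED, PUBLISHED))
```

A client re-requests any piece reported here from another peer; the whole-image check is the one that ties the result back to a digest the publisher signed.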



