[p2p-hackers] SHA1 broken?

Serguei Osokine Serguei.Osokine at efi.com
Thu Feb 17 22:11:28 UTC 2005 

On Thursday, February 17, 2005 Nick Lothian wrote:
> It's not hard to imagine spyware manufactures modifying common 
> opensource applications (eg: p2p software) so they include spyware
> and yet still have the same hash.

	Sure, but then they would have to find some innocently looking
way to include something like this into the open source app:

d1  31  dd  02  c5  e6  ee  c4  69  3d  9a  06  98  af  f9  5c
2f  ca  b5  87  12  46  7e  ab  40  04  58  3e  b8  fb  7f  89
55  ad  34  06  09  f4  b3  02  83  e4  88  83  25  71  41  5a
08  51  25  e8  f7  cd  c9  9f  d9  1d  bd  f2  80  37  3c  5b
d8  82  3e  31  56  34  8f  5b  ae  6d  ac  d4  36  c9  19  c6
dd  53  e2  b4  87  da  03  fd  02  39  63  06  d2  48  cd  a0
e9  9f  33  42  0f  57  7e  e8  ce  54  b6  70  80  a8  0d  1e
c6  98  21  bc  b6  a8  83  93  96  f9  65  2b  6f  f7  2a  70

- which is no big deal, could be a bitmap. However, after that they
would have to modify the application to use the text above as a jump
table to a malicious code, which would be dormant in the application
until the data is changed to:

d1  31  dd  02  c5  e6  ee  c4  69  3d  9a  06  98  af  f9  5c
2f  ca  b5  07  12  46  7e  ab  40  04  58  3e  b8  fb  7f  89
55  ad  34  06  09  f4  b3  02  83  e4  88  83  25  f1  41  5a
08  51  25  e8  f7  cd  c9  9f  d9  1d  bd  72  80  37  3c  5b
d8  82  3e  31  56  34  8f  5b  ae  6d  ac  d4  36  c9  19  c6
dd  53  e2  34  87  da  03  fd  02  39  63  06  d2  48  cd  a0
e9  9f  33  42  0f  57  7e  e8  ce  54  b6  70  80  28  0d  1e
c6  98  21  bc  b6  a8  83  93  96  f9  65  ab  6f  f7  2a  70

	If they can pull all of this off without raising any suspicion 
(which is not a huge problem if no one reads CVS diffs or sources), 
then they might as well just jump to this malicious code, or jump to
it on some moderately obfuscated condition, since no one would notice
this code or the jump to begin with if no one monitors the sources.
Using MD5 collision to do that seems like a particularly convoluted 
way to achieve the same goal that can be achieved way simpler without
it. Of course, if one is a Rube Goldberg fan, this is something he
might want to do as a matter of principle... :-)

	Best wishes -
	S.Osokine.
	17 Feb 2005.


-----Original Message-----
From: p2p-hackers-bounces at zgp.org [mailto:p2p-hackers-bounces at zgp.org]On
Behalf Of Nick Lothian
Sent: Thursday, February 17, 2005 1:48 PM
To: osokin at osokin.com; Peer-to-peer development.
Subject: RE: [p2p-hackers] SHA1 broken?



> > Dan Kaminsky runs over a number of potential attacks that 
> are relevant 
> > to P2P -- see:
> >
> >   http://paketto.doxpara.com
> > ...
> > Here's another example from the cryptography list that convinced a  
> > doubter...
> 
> 	Certainly looks cute. Now correct me if I'm not getting 
> something here - but isn't it true that in order to mount an 
> attack one has to replace the "good" code (content, whatever) 
> by the "bad" code, and the absolutely necessary condition is 
> that the "good" code also has to be created by an attacker? 
> So an attacker creates "good" code, gives it to security 
> experts for verification, and then after they are done, 
> replaces it with "bad code", right? 
> 
> 	Isn't it a bit far-fetched? Do we have a somewhat more 
> realistic attack scenario? I just cannot imagine all this 
> happening in real life. Real-life breakdowns always tend to 
> be way simpler than their theoretical scenarios (and totally 
> unexpected, too).
> 

According to some reports some anti-spyware tools currently use MD5
hashes to find known-bad software (See
http://malektips.com/microsoft_antispyware_0007.html). It's not hard to
imagine spyware manufactures modifying common opensource applications
(eg: p2p software) so they include spyware and yet still have the same
hash.

Nick


IMPORTANT: This e-mail, including any attachments, may contain private or
confidential information. If you think you may not be the intended recipient,
or if you have received this e-mail in error, please contact the sender
immediately and delete all copies of this e-mail. If you are not the intended
recipient, you must not reproduce any part of this e-mail or disclose its
contents to any other party.

This email represents the views of the individual sender, which does not
necessarily reflect those of education.au limited except where the sender
expressly states otherwise.

It is your responsibility to scan this email and any files transmitted with
it for viruses or any other defects.

education.au limited will not be liable for any loss, damage or consequence
caused directly or indirectly by this e-mail.
_______________________________________________
p2p-hackers mailing list
p2p-hackers at zgp.org
http://zgp.org/mailman/listinfo/p2p-hackers
_______________________________________________
Here is a web page listing P2P Conferences:
http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences

More information about the P2p-hackers mailing list