Re: The Pointlessness of the MD5 'attacks'
- To: Tim Dierks <[EMAIL PROTECTED]>
- Subject: Re: The Pointlessness of the MD5 'attacks'
- From: "C. Scott Ananian" <[EMAIL PROTECTED]>
- Date: Wed, 15 Dec 2004 13:08:22 -0500 (EST)
- Cc: Ben Laurie <[EMAIL PROTECTED]>, Bill Frantz <[EMAIL PROTECTED]>, Cryptography <[EMAIL PROTECTED]>
- In-reply-to: <[EMAIL PROTECTED]>
- References: <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
- Sender: [EMAIL PROTECTED]
On Wed, 15 Dec 2004, Tim Dierks wrote:
> Here's an example, although I think it's a stupid one, and agree with
> [...]
> I send you a binary (say, a library for doing AES encryption) which
> you test exhaustively using black-box testing.
The black-box testing would obviously be the mistake. How can you tell
that the library doesn't start sending plain-text for messages which start
with particular magic bytes, or some other evilness? You can't hope to
test *all* messages. The word 'exhaustively' is where your example goes
wrong.
I'll play Ben's part and claim that if you can provide a library which
will *only* be checked using black-box testing, it's much easier to skip
the whole MD5 aspect and have it use a covert channel (leak key bits in
padding or some such) or transmit plain-text after the first 100M of data
encrypted or some such. There are lots of easy ways to get your
maliciousness past a black-box test. The use of MD5 (a relatively
*hard* way to be malicious) doesn't appreciably change the threat.
--scott
[it should be noted that any security-conscious tester will/ought to
screen your binary for all of the *published* MD5 collisions, so
you'll have to generate one yourself if you want to get away with this.]
HTLINGUAL Hager Kennedy AEFOXTROT global action network assassinate
Register to vote! http://www.yourvotematters.org/VerifiedVoting
( http://cscott.net/ )
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]