Date:	Mon, 18 Nov 2013 22:24:46 +0200
From:	Dmitry Kasatkin <dmitry.kasatkin@...il.com>
To:	Mimi Zohar <zohar@...ux.vnet.ibm.com>
Cc:	Roberto Sassu <roberto.sassu@...ito.it>,
	linux-security-module@...r.kernel.org,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	linux-ima-devel@...ts.sourceforge.net,
	Mimi Zohar <zohar@...ibm.com>,
	Dmitry Kasatkin <d.kasatkin@...sung.com>,
	james.l.morris@...cle.com
Subject: Re: [PATCH 5/6] ima: do not include field length in template digest calc for ima template

On Mon, Nov 18, 2013 at 10:05 PM, Mimi Zohar <zohar@...ux.vnet.ibm.com> wrote:
> On Mon, 2013-11-18 at 21:40 +0200, Dmitry Kasatkin wrote:
>> On Mon, Nov 18, 2013 at 5:50 PM, Mimi Zohar <zohar@...ux.vnet.ibm.com> wrote:
>> > On Mon, 2013-11-18 at 17:30 +0200, Dmitry Kasatkin wrote:
>> >> On Fri, Nov 15, 2013 at 3:45 PM, Roberto Sassu <roberto.sassu@...ito.it> wrote:
>> >
>> >> > @@ -160,12 +161,13 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data,
>> >> >                 return rc;
>> >> >
>> >> >         for (i = 0; i < num_fields; i++) {
>> >> > -               rc = crypto_shash_update(&desc.shash,
>> >> > -                                        (const u8 *) &field_data[i].len,
>> >> > -                                        sizeof(field_data[i].len));
>> >> > -               if (rc)
>> >> > -                       break;
>> >> > -
>> >> > +               if (strcmp(td->name, IMA_TEMPLATE_IMA_NAME) != 0) {
>> >> > +                       rc = crypto_shash_update(&desc.shash,
>> >> > +                                               (const u8 *) &field_data[i].len,
>> >> > +                                               sizeof(field_data[i].len));
>> >> > +                       if (rc)
>> >> > +                               break;
>> >> > +               }
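Review bot: the strcmp() against IMA_TEMPLATE_IMA_NAME is evaluated on every iteration of the for loop although td->name cannot change while the loop runs; compute it once before the loop, e.g. `bool skip_len = strcmp(td->name, IMA_TEMPLATE_IMA_NAME) == 0;`, and test that flag inside. The hunk also carries no comment recording why the "ima" template alone is exempt from hashing field_data[i].len; since the thread shows the lengths are what let a verifier recompute the template hash over the binary measurement list without parsing field contents, a one-line comment stating the reason for the exception would spare the next reader this discussion.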
>> >>
>> >> What was actually the point of including the field length in the hash calculation?
>> >> Does it really make it cryptographically stronger?
>> >> If not, then remove it altogether...
>> >
>> > We should be able to walk the measurement list without needing to
>> > understand template specific data.  All of the template data, including
>> > the field lengths, needs to be included in the template hash.
>> >
>>
>> Sorry, how does adding the field length help with walking the measurement list?
>> It makes it even more tricky...
>
> The new template architecture adds sending the field length.
>
>> Previously, I could calculate the hash over the whole template data
>> from binary_measurement_list to get template hash.
>
>> Now every field must be processed separately to get template hash...
>
> You still calculate the template hash based on the entire template data,
> including the lengths.  Without including the lengths in the hash
> calculation, you would need to parse the individual template field
> data.

Right... Exactly the reverse... Yes, the binary measurement list includes the length field...
My mistake here...

- Dmitry

>
> Mimi
>



-- 
Thanks,
Dmitry
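The point Mimi makes above (that hashing each field's length along with its data lets a verifier recompute the template hash straight over the binary measurement list, while the legacy "ima" template forces per-field parsing) is easy to see in a small user-space model. The following is an added example, not code from the thread or from the IMA tree; it assumes, for illustration only, that each field in the binary list is stored as a 4-byte little-endian length followed by the field bytes (mirroring the `len`/`data` pair of `struct ima_field_data` in the hunk), that SHA-1 is the template hash algorithm, and that "ima-ng" is the name of a non-legacy template. The field values are constructed sample data.

```python
import hashlib
import struct

# Assumption (not stated in the thread): on-disk encoding of one template
# field is a 4-byte little-endian length followed by the field bytes.
LEN_FMT = "<I"
LEN_SIZE = struct.calcsize(LEN_FMT)

# Name compared by the strcmp() in the hunk; only this template skips lengths.
IMA_TEMPLATE_IMA_NAME = "ima"


def serialize_fields(fields):
    """Encode a template entry as it would appear in the binary measurement
    list: len || data for every field, in order."""
    return b"".join(struct.pack(LEN_FMT, len(f)) + f for f in fields)


def raw_digest(data, algo="sha1"):
    """Hash an arbitrary byte string (helper used by the verifier below)."""
    return hashlib.new(algo, data).digest()


def template_digest(template_name, fields, algo="sha1"):
    """Model of ima_calc_field_array_hash_tfm() after the patch: every
    template hashes len || data per field, except the legacy 'ima'
    template, which hashes only the field data."""
    h = hashlib.new(algo)
    for f in fields:
        if template_name != IMA_TEMPLATE_IMA_NAME:
            h.update(struct.pack(LEN_FMT, len(f)))
        h.update(f)
    return h.digest()


def parse_fields(blob):
    """Generic walker: split a len || data blob back into fields without
    knowing what any field means."""
    fields, off = [], 0
    while off < len(blob):
        (n,) = struct.unpack_from(LEN_FMT, blob, off)
        off += LEN_SIZE
        if off + n > len(blob):
            raise ValueError("truncated field at offset %d" % off)
        fields.append(blob[off:off + n])
        off += n
    return fields


def verify_template(template_name, blob, expected_digest, algo="sha1"):
    """Recompute a template hash from the stored blob.

    For any template other than 'ima' the digest covers the blob exactly as
    stored (lengths included), so no parsing is needed.  For 'ima' the
    verifier has to parse the fields first to drop the length prefixes,
    which is the extra work Dmitry refers to."""
    if template_name != IMA_TEMPLATE_IMA_NAME:
        return raw_digest(blob, algo) == expected_digest
    return raw_digest(b"".join(parse_fields(blob)), algo) == expected_digest


# Constructed sample entry: a 20-byte file digest and a file name.
SAMPLE_FIELDS = [b"\x11" * 20, b"/usr/bin/ls"]

if __name__ == "__main__":
    blob = serialize_fields(SAMPLE_FIELDS)
    for name in ("ima-ng", IMA_TEMPLATE_IMA_NAME):
        d = template_digest(name, SAMPLE_FIELDS)
        print(name, d.hex(), "verifies:", verify_template(name, blob, d))
```

Running it shows that for "ima-ng" the template digest equals the plain hash of the stored bytes, so a generic walker that only reads length prefixes can verify the entry, whereas for "ima" the digests differ and the verifier must reassemble the field data before hashing.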