- Xref: sparky comp.security.misc:1734 alt.security:4802 comp.unix.admin:6170
- Path: sparky!uunet!know!hri.com!noc.near.net!news.bbn.com!usc!sol.ctr.columbia.edu!emory!ogicse!mimbres.cs.unm.edu!unmvax!cs.sandia.gov!mccurley
- From: mccurley@cs.sandia.gov (Kevin McCurley)
- Newsgroups: comp.security.misc,alt.security,comp.unix.admin
- Subject: Re: Tripwire release
- Message-ID: <1992Nov13.004708.26881@cs.sandia.gov>
- Date: 13 Nov 92 00:47:08 GMT
- References: <1992Nov6.161125.10283@ghost.dsi.unimi.it> <1992Nov06.173036.28994@watson.ibm.com> <BxMEuE.CwC@mentor.cc.purdue.edu>
- Sender: usenet@cs.sandia.gov (Another name for news)
- Organization: Sandia National Laboratories, Albuquerque, NM
- Lines: 23
-
- uri@watson.ibm.com (Uri Blumenthal) writes:
- > Tripwire supports hooks for up to ten signature routines. We
- > ship it with MD5, Snefru, CRC32, CRC16, MD4, and MD2. Although
- > the CRC routines are not "signatures" in the cryptographic sense,
- > they are nice to have since they are considerably faster than the
- > more secure algorithms -- which are (hopefully) one-way hash
- > functions.
-
- I stated earlier that NONE of these, including MD5, Snefru, and MD4,
- are signatures in the cryptographic sense. A true signature would
- require something like RSA or DSA layered on a one-way hash function
- like MD5 or SHA. This would not significantly impact the speed, since
- RSA on my Sparc would add less than .01 seconds, whereas MD5 runs at
- about a megabyte per second. Hence as soon as the file is bigger than
- 10K, the hash will take longer than the signature. DSA verification
- will take considerably longer, but I have an implementation that does
- the verification in less than .3 seconds - still acceptable for many
- applications. If this is too slow for checking 100 files on a UNIX
- system, then you can apply the hash to a large subset of the files
- before finishing with the signature.
-
- Kevin McCurley
- Sandia National Laboratories
-
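The post's closing suggestion (hash a large set of files, then finish with one signature), as an added example that is not part of the original post or of Tripwire. Assumptions: SHA-256 stands in for the MD5/SHA hash, the key is a toy textbook-RSA key (no padding) built from two Mersenne primes, and the file names and contents are constructed; all function names are hypothetical.

```python
import hashlib

# Toy RSA key from two Mersenne primes (constructed for illustration only:
# the factors are public, so this key provides no security). A deployment
# would use a vetted library and a padded scheme instead of textbook RSA.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)

def manifest(files):
    """One 'digest  name' line per file, sorted so the result is deterministic."""
    lines = [f"{hashlib.sha256(data).hexdigest()}  {name}"
             for name, data in sorted(files.items())]
    return "\n".join(lines).encode()

def _digest_int(blob):
    return int.from_bytes(hashlib.sha256(blob).digest(), "big")

def sign(blob):
    """One RSA private-key operation over the hash of the whole manifest."""
    return pow(_digest_int(blob), D, N)

def verify(blob, sig):
    return pow(sig, E, N) == _digest_int(blob)

def check(files, stored_manifest, sig):
    """Return (manifest_is_authentic, files_match_manifest)."""
    return verify(stored_manifest, sig), manifest(files) == stored_manifest

# Constructed sample data standing in for 100 monitored files.
FILES = {f"/bin/tool{i:03d}": b"binary contents %d" % i for i in range(100)}
BASELINE = manifest(FILES)
SIG = sign(BASELINE)

def modified_with_rehashed_db():
    """A changed file plus a hash database recomputed to match it."""
    changed = dict(FILES)
    changed["/bin/tool042"] = b"modified contents"
    return changed, manifest(changed)

if __name__ == "__main__":
    changed, rehashed = modified_with_rehashed_db()
    print(check(FILES, BASELINE, SIG))     # unchanged system
    print(check(changed, BASELINE, SIG))   # file changed, database intact
    # Hashes alone agree here; only the signature shows the database changed.
    print(check(changed, rehashed, SIG))
```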