From: Timothy Newsham <newsham@wiliki.eng.hawaii.edu>
To: klaus@mail.lds.loral.com (Christopher Klaus)
Message Hash: 736985c63497c5ddbd477340800fc4c48f6fc429ceb787c650b27f4c02e4a3fb
Message ID: <9307310335.AA16404@toad.com>
Reply To: <9307301223.AA15123@mail.lds.loral.com>
UTC Datetime: 1993-07-31 03:37:33 UTC
Raw Date: Fri, 30 Jul 93 20:37:33 PDT
From: Timothy Newsham <newsham@wiliki.eng.hawaii.edu>
Date: Fri, 30 Jul 93 20:37:33 PDT
To: klaus@mail.lds.loral.com (Christopher Klaus)
Subject: Re: best way to check for modification of self
In-Reply-To: <9307301223.AA15123@mail.lds.loral.com>
Message-ID: <9307310335.AA16404@toad.com>
MIME-Version: 1.0
Content-Type: text/plain
>
>
>
> I am looking for C src or algorithms that would be useful for a program
> to check its own integrity and make sure it hasnt been modified.
>
> Looking at the filesize of the file would not help, since I want to make
> sure no one has modified just some text, etc. I would like the algorithm
> or code to be rather quick in doing the check in the initialization of
> the program. Would finding the src to CRC or sum and adding that into the
> program be the best solution?
>
> Has anyone else dealt with this?
this is what the tripwire package does.
I think (perhaps maybe) I heard someone say it uses a hashing
function that is not cryptographically secure (ie. can be forged)
but also that the design is highly modular and the hashing function
can be replaced with something more secure
> Christopher Klaus
> klaus@mail.lds.loral.com cklaus@hotsun.nersc.gov
Return to July 1993
Return to “Timothy Newsham <newsham@wiliki.eng.hawaii.edu>”