From: Timothy Newsham <newsham@wiliki.eng.hawaii.edu>
Date: Fri, 30 Jul 93 20:37:33 PDT
To: klaus@mail.lds.loral.com (Christopher Klaus)
Subject: Re: best way to check for modification of self
In-Reply-To: <9307301223.AA15123@mail.lds.loral.com>
Message-ID: <9307310335.AA16404@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> 
> 
> I am looking for C src or algorithms that would be useful for a program
> to check its own integrity and make sure it hasnt been modified.  
> 
> Looking at the filesize of the file would not help, since I want to make
> sure no one has modified just some text, etc.  I would like the algorithm
> or code to be rather quick in doing the check in the initialization of
> the program.  Would finding the src to CRC or sum and adding that into the
> program be the best solution?
> 
> Has anyone else dealt with this?

this is what the tripwire package does. 
I think (perhaps maybe) I heard someone say it uses a hashing
function that is not cryptographically secure (ie. can be forged)
but also that the design is highly modular and the hashing function
can be replaced with something more secure

> Christopher Klaus
> klaus@mail.lds.loral.com cklaus@hotsun.nersc.gov