This is the mail archive of the
mailing list for the Cygwin project.
MD5 vs SHA512 in setup.ini (was: Why package cache is not used during setup download?)
- From: Warren Young <wyml at etr-usa dot com>
- To: cygwin at cygwin dot com
- Date: Mon, 26 Oct 2015 12:08:55 -0600
- Subject: MD5 vs SHA512 in setup.ini (was: Why package cache is not used during setup download?)
- Authentication-results: sourceware.org; auth=none
- References: <CAF8BazAy7x2Nxeb6P=ns7=Dy5ENzd=Cg0oKxJjDtBg0JzGjM-g at mail dot gmail dot com> <133366775 dot 20151025170018 at yandex dot ru> <CAF8BazBBFrCdPLJMw2ZiuSx_syLLqq7MMwWrsCM+CqE8Y9e4Tw at mail dot gmail dot com> <190443388 dot 20151026144831 at yandex dot ru>
On Oct 26, 2015, at 5:48 AM, Andrey Repin <firstname.lastname@example.org> wrote:
> MD5 hash proven weak
Thatâs a bit strong. Itâs better to say that MD5 has weak collision resistance properties, which in this context means it is possible to generate a Cygwin package with arbitrary contents that produces the same hash as the legitimate package, in a computationally useful time frame.
But, that is not the value MD5 is providing to setup.exe. If you are downloading a package from bad-actor.com, you are also downloading setup.ini from there, so they can rewrite the hashes. Only if you take the extra step to get your setup.ini from a different site can you cross-check the hashes.
Even then, all it proves is that the file you downloaded is the one the server claims to be providing. It doesnât prove provenance, which is what people really seem to want, when they go hand-checking hashes.
One way to solve that would be for cygwin.com could run a special-purpose CA, and for the process that moves uploaded packages into the distribution directory to sign them using the CAâs private key. Then setup.exe can cryptographically prove to itself that it is installing legitimate packages.
Problem reports: http://cygwin.com/problems.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple