Path: utzoo!utgpu!attcan!ncrcan!ziebmef!mcp From: mcp@ziebmef.mef.org (Marc Plumb) Newsgroups: comp.sys.amiga Subject: Re: "xeno" virus Message-ID: <1989Aug21.151623.26054@ziebmef.mef.org> Date: 21 Aug 89 19:16:22 GMT References: <21fB02Wm49np01@amdahl.uts.amdahl.com> <3633@mentor.cc.purdue.edu> <1332@atanasoff.cs.iastate.edu> Reply-To: mcp@ziebmef.mef.org (Marc Plumb) Organization: Ziebmef Public Access Unix, Toronto, Ontario Lines: 38 >| In article hubey@pilot.njin.net (Hubey) writes: >|> [wonders about programs to check files' CRC values] >In article <3633@mentor.cc.purdue.edu> ain@mentor.cc.purdue.edu (Pat-bob White) writes: >| Anyone could write a program to do that now -- if they didn't publish >| their CRC calculation method, then things would be safer till some virus >| writer found it out. Once that happened, there would be many people relying >| on that program to keep them safe.. making it actually easier for a virus to >| spread. In article <1332@atanasoff.cs.iastate.edu> jwright@atanasoff.cs.iastate.edu.UUCP (Jim Wright) writes: >There's a better way. Use two different polynomials to compute the CRC >values. A single CRC check can be faked out by tweaking the bytes, but >getting past two such checks would be much more difficult. Even if you >distributed source code. No, two different CRC polynomials works as well as the product of the two - which, having factors, is not as good as a well-chosen longer polynomial. Even a simple CRC would frustrate a lot of virus writers, who probably aren't too comfortable with polynomial division code, but you really want an unforgeable signature. If you can securely distribute the signature values, then you can use a one-way encryption algorithm similar to the Unix password algorithm, except much simpler, as no brute-force search of *any* size is practicable by a virus. If you want the programs to be self-validating, there is a "cryptographic checksum" algorithm available (there is a research system called Strongbox that uses it, developed at CMU I believe) which appends a checksum to a file which can be checked by anyone, but without a special key value (not needed for checking) you cannot compute a correct checksum for an arbitrary file. While the latter scheme is more convenient if you have a central point where software is certified safe that can keep the key, the Unix-password scheme is probably better for Amiga use. -- -Colin Plumb