Path: utzoo!utgpu!news-server.csri.toronto.edu!clyde.concordia.ca!uunet!samsung!zaphod.mps.ohio-state.edu!ncar!tank!msuinfo!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw From: nixpbe!gla%linus@uunet.UU.NET (gla) Newsgroups: comp.virus Subject: Re: Validating Virus Software Message-ID: <0007.9004131250.AA02586@ubu.cert.sei.cmu.edu> Date: 12 Apr 90 06:30:57 GMT Sender: Virus Discussion List Lines: 38 Approved: krvw@sei.cmu.edu WARD@SENECA.BITNET (David Ward -- Computer Support/Special Needs) writes: >Periodically we hear concerns about the validity of SCANVxx and other >antiviral programs. I think these concerns are valid since a >virmentor creating a virus would likely take great joy in attaching >the virus software to a product designed to fight viruses. >... >A simple solution to this problem is that when new versions of scan >are announced on this digest, the announcement should include the >validation strings given by McAfee. Then we can download from any >local source and compare the strings published in Virus-L to >those we generate with the validate program. The problem adressed here is well-known: we need a MAC, a message authentication code. It means that you can check the checksum by using a public known key of the author. The first system usable for this is the RSA public key encryption system. For a MAC, you encrypt the checksum with the privat key of the author and append it to the message. It can be decrypted by anyone using the public key which has to be obtained once, and then the checksum can be checked. Unfortunately, it is patent copyrithed in USA and requires lengthy computations of prime numbers for the keys, and depends both on the problem of factorisation and the discrete logarithm. But there is an alternative scheme: the ElGamal-Scheme. It requires modulo arithmetic and depends only on the discrete logarithm problem, and it is - to my knowledge - not protected. To check the signature, the calculations are somewhat longer than for RSA; to obtain the signature, an equation has to be solved which is straighforward using Euclid's algorithm, extended. For the original description, see: ElGamal, T.: A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms. IEEE Trans. Inf. Theory, Vol. 31, No. 7, 1985, pp. 469-472. Rainer Glaschick, Nixdorf Computers, Paderborn, W-Germany EMail: glaschick@nixpbe.de or !uunet!nixbur!glaschick.pad Phone: +49 5251 14 6150 (absent till April 23)