Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!zaphod.mps.ohio-state.edu!unix.cis.pitt.edu!dsinc!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw
From: HUUSKONEN@cc.helsinki.fi (Taneli Huuskonen)
Newsgroups: comp.virus
Subject: Re: Defeating Virus Scanner Trojans
Message-ID: <0004.9012201422.AA05067@ubu.cert.sei.cmu.edu>
Date: 18 Dec 90 11:26:00 GMT
Sender: Virus Discussion List <VIRUS-L@LEHIIBM1>
Lines: 21
Approved: krvw@sei.cmu.edu

lhamey@vision.mqcc.mq.oz.au (Len Hamey) writes:
> The rash of trojan "new" releases of virus scanners is worrying.  I
> wonder whether it might not be possible for virus scanner developers
> to employ public-key encryption to provide unforgeable proof of the
> validity of new releases of their product.
> [description on how to use a public-key system deleted]

  There are some public domain one-way checksum generators available
in source form.  If there is sufficient interest, I'd be willing to
write a shareware program to further compare the checksum against an
encrypted correct checksum, which is distributed along with the virus
scanner.
  Please send me a one-line message if you'd like to have such a
shareware public key signature system, and suggest a price you'd
consider reasonable.  Please don't send me longer e-mail messages
unless you are directly involved in virus fighting or public key
signature systems yourself.  I'll post more details within a couple of
weeks, if there is interest.

Taneli Huuskonen            huuskonen@cc.helsinki.fi
                            huuskonen@finuh.bitnet