Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watnot!watmath!clyde!rutgers!ames!ptsfa!ihnp4!homxb!houxm!mhuxt!mhuxm!mhuxo!ulysses!allegra!alice!ark
From: ark@alice.UUCP
Newsgroups: comp.sys.ibm.pc,sci.crypt
Subject: Re: Stopping Trojans
Message-ID: <6800@alice.uUCp>
Date: Sun, 12-Apr-87 22:33:52 EST
Article-I.D.: alice.6800
Posted: Sun Apr 12 22:33:52 1987
Date-Received: Wed, 15-Apr-87 04:41:53 EST
References: <537@faline.bellcore.com>
Organization: AT&T Bell Laboratories, Liberty Corner NJ
Lines: 22
Xref: utgpu comp.sys.ibm.pc:2924 sci.crypt:308
Summary: I've already done it.

In article <537@faline.bellcore.com>, karn@faline.UUCP writes:
> You can't just use your everyday "count the bytes" checksum algorithm,
> though. While this is usually adequate to detect random acts of nature, a
> clever person could corrupt a program in such a way that the same checksum
> is computed even after the Trojan is added. A more sophisticated algorithm
> is needed that is secure against deliberate, intelligent attacks by humans
> as well as random attacks by nature.

Several years ago, I wrote a program that does this.  It is
part of the software package described in the proceedings of
the summer 1984 USENIX conference (Salt Lake City) under the
title ``Automatic Software Distribution.''  The program itself
is available from the ``UNIX System Toolchest.''  Interested
parties can contact me directly for more information.


				Andrew Koenig
				Room 4N-R12
				AT&T Bell Laboratories
				184 Liberty Corner Road
				Warren NJ 07060
				{kaiser,ulysses,alice,research}!ark