Path: utzoo!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!brutus.cs.uiuc.edu!jarthur!polyslo!vlsi3b15!vax1.cc.lehigh.edu!sei.cmu.edu!krvw
From: WHMurray@DOCKMASTER.ARPA
Newsgroups: comp.virus
Subject: Uses of MACs Against Viruses
Message-ID: <0012.9001051609.AA06289@ge.sei.cmu.edu>
Date: 4 Jan 90 19:33:00 GMT
Sender: Virus Discussion List
Lines: 46
Approved: krvw@sei.cmu.edu

First, let me take this occasion to apologize to Y. Radai for my offenses of style and hyperbole.

Then I would like to comment on his discussion that appeared in VIRUS-L, Vol. 3, Issue 4 on the indicated cross-over point for sophistication of the algorithm in generating authenticators for programs.

I tend to agree with most of his observations as they relate to the use of the authenticator to recognize the contamination of a program in the target execution environment. However, I think that I speak for Bob Bosen as well as myself when I suggest that we both have in mind another use.

Bob posits the use of a MAC to ensure that programs are received as they were shipped. This use offers some protection against contamination of a program during transit from its trusted author to the point of use.

I go a little further. I suggest that programs be digitally signed by their originators. (For more reasons than need be listed here, I currently recommend RSA MailSafe for this application. This is a hybrid implementation which uses a block-product cipher for processing the program and RSA for key-management and distribution.) This use not only enables the user to know that the program has not been changed since original shipment from the author, but also enables the author to disown any late changes. If the end-user does not know or trust the author, but relies upon some intermediate authority, such as the NCSC, or his own management, then the program can be countersigned by this authority.

Note that for this application more time and resource would be available for an attack. In addition multiple people would have to rely upon the same algorithm or mechanism. These two requirements argue for a strong algorithm of known strength, i.e., a "standard" one.

We argue that the provenance of a program or other data item is essential to confidence in it. Immutability contributes. While immutable media, such as CD-ROM, and a record of custody can be made to work in special cases, digital signatures can be made to work in most. They are independent of the media and move with the program.

Thus we argue for an additional use that has different requirements than those considered by the other discussions.

William Hugh Murray, Fellow, Information System Security, Ernst & Young
2000 National City Center Cleveland, Ohio 44114
21 Locust Avenue, Suite 2D, New Canaan, Connecticut 06840
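
The sign-then-countersign arrangement described in the message above, as an added example that is not part of the original post and is not RSA MailSafe's code. It uses unpadded hash-then-sign RSA with constructed keys built from Mersenne primes, which is an assumption made so the sketch runs on the standard library alone and is not a secure key choice; all function and variable names are hypothetical.

```python
import hashlib

E = 65537  # public exponent shared by both constructed keys (assumption)

def make_key(p, q):
    """Return (n, d): public modulus and private exponent for textbook RSA."""
    n = p * q
    return n, pow(E, -1, (p - 1) * (q - 1))

def _h(data, n):
    # SHA-256 digest of the data as an integer, reduced into the signing group.
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, n, d):
    return pow(_h(data, n), d, n)

def verify(data, sig, n):
    return 0 < sig < n and pow(sig, E, n) == _h(data, n)

def counter_payload(program, author_sig):
    # The authority vouches for this exact program AND this exact author
    # signature, so neither can be swapped out after countersigning.
    return hashlib.sha256(program).digest() + author_sig.to_bytes(128, "big")

def check_release(program, author_sig, counter_sig, author_n, authority_n):
    """Return (author_ok, authority_ok) for a program as received."""
    return (
        verify(program, author_sig, author_n),
        verify(counter_payload(program, author_sig), counter_sig, authority_n),
    )

# Constructed keys: Mersenne primes are convenient here, not safe for real use.
AUTHOR_N, AUTHOR_D = make_key(2**521 - 1, 2**127 - 1)
AUTHORITY_N, AUTHORITY_D = make_key(2**607 - 1, 2**89 - 1)

# Constructed sample program image.
PROGRAM = b"constructed sample program image v1.0"

# Originator signs at shipment; the intermediate authority countersigns.
AUTHOR_SIG = sign(PROGRAM, AUTHOR_N, AUTHOR_D)
COUNTER_SIG = sign(counter_payload(PROGRAM, AUTHOR_SIG), AUTHORITY_N, AUTHORITY_D)

if __name__ == "__main__":
    print(check_release(PROGRAM, AUTHOR_SIG, COUNTER_SIG, AUTHOR_N, AUTHORITY_N))
    print(check_release(PROGRAM + b"\x90", AUTHOR_SIG, COUNTER_SIG,
                        AUTHOR_N, AUTHORITY_N))
```

An end-user who holds only the authority's public modulus can rely on the second result alone; unlike a MAC, neither check requires the verifier to hold a secret that could also be used to produce a valid authenticator.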