http://slashdot.org/article.pl?sid=04/08/12/2051219&tid=172
If you embed a signature of the file into the file, doesn't this by definition change the file's signature?
- Set the swappable instructions in the program to their bitwise equivalent of 0.
- Calculate a signature based on that number.
- Swap the instructions to encode that number.
To decode:
- Find swappable instructions.
- Determine what bit setting they're at.
- Set their bit setting to 0.
- Recalc signature based on the new bit setting.
- Compare to the bit setting you just retrieved.
I would still recommend publishing a separate public key, however, and include an encrypted signature in the program. As you say, it can always be changed and re-encoded.
On the other hand, this might be useful on a server, by encoding a public key and checker on a CD-R and checking all your programs periodically against the CD-R key. You could encode signatures in each program and be able to upgrade programs from a central encoding server without having to write a new CD each time.
Say you have an executable:
1337PROGRAM
Your signature checking routine then does this:
1_3_3_7_P_R_O_G_R_A_M
and computes the hash
deadbabeca
And then sends:
1d3e3a7dPbRaObGeRcAaM
To reverse, we extract the hash (deadbabeca) and the "original" executable.
Then we compute the hash (of 1_3_3_7...) and check if it matches...
In summary, we embedded a checksum, but we removed it before we checked it. Simple, really.
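The embed-then-strip check quoted above, as an added Python example that is not part of the original post or the Slashdot comments. The function names, the `_` placeholder, SHA-256 truncated to ten hex characters, and the constructed `KEY` are assumptions; the HMAC with a key held outside the file is a standard-library stand-in for the separately published key one comment recommends.

```python
import hashlib
import hmac

BLANK = ord("_")  # neutral value written into every slot before hashing

def blank(image, slots):
    """Copy of the image with all signature slots reset to the neutral value."""
    out = bytearray(image)
    for i in slots:
        out[i] = BLANK
    return out

def tag(blanked, n, key=None):
    """First n hex chars of SHA-256 (or HMAC-SHA-256 when a key is given)."""
    if key is None:
        digest = hashlib.sha256(blanked).hexdigest()
    else:
        digest = hmac.new(key, blanked, hashlib.sha256).hexdigest()
    return digest[:n].encode()

def embed(image, slots, key=None):
    """Blank the slots, hash the result, then write the hash into the slots."""
    out = blank(image, slots)
    for i, b in zip(slots, tag(bytes(out), len(slots), key)):
        out[i] = b
    return bytes(out)

def verify(image, slots, key=None):
    """Read the stored hash, blank the slots again, recompute and compare."""
    stored = bytes(image[i] for i in slots)
    expected = tag(bytes(blank(image, slots)), len(slots), key)
    return hmac.compare_digest(stored, expected)

# Constructed sample laid out like the post's 1_3_3_7_P_R_O_G_R_A_M example.
IMAGE = b"1_3_3_7_P_R_O_G_R_A_M"
SLOTS = list(range(1, len(IMAGE), 2))   # the ten '_' positions
KEY = b"constructed-demo-key"           # assumption: kept outside the file

if __name__ == "__main__":
    signed = embed(IMAGE, SLOTS)
    print(signed, verify(signed, SLOTS))              # embedded hash checks out
    patched = b"X" + signed[1:]                        # change one program byte
    print(verify(patched, SLOTS))                      # False: stale hash
    print(verify(embed(patched, SLOTS), SLOTS))        # True: re-encoded, unkeyed
    print(verify(embed(patched, SLOTS), SLOTS, KEY))   # False: key not in file
```

The third result is the "it can always be changed and re-encoded" caveat: an unkeyed embedded hash catches corruption, while the keyed check fails for anyone re-encoding without the external key.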
2 comments:
I have no idea what you just said. :)
I don't either, which is why I posted it -- a digital sticky note to refer to later.
It's a quote from a Slashdot article.