Request: tamper-proofing executables
michael shiplett
michael.shiplett at umich.edu
Sat Jul 9 15:22:56 PDT 1994
"dm" == Dan Marner <dmarner at mis.nu.edu> writes:
dm> I would appreciate any pointers to documents, source code or
dm> programs that deal with using cryptographic techniques to detect
dm> or prevent modification of executable code. I am looking for
dm> something that uses either a signature or a one-way hash to detect
dm> modifications at run time.
dm> Of particular interest is information on signing a file that
dm> includes the signature as part of the file. Is this possible with
dm> any of the common algorithms?
Claris has or had some checks in their software to attempt to
recognize that the application had been modified. I think this even
detected a (previously unknown?) Macintosh virus.
Regardless, this scheme seems rather susceptible to attack. More
useful is something like tripwire--a regularly run program which keeps
checksums of various files on disk; stores the checksums on apart from
the data; and compares the previous checksum with the current
checksum.
michael
More information about the cypherpunks-legacy
mailing list