nanog mailing list archives
Re: IOS Rookit: the sky isn't falling (yet)
From: "Steven M. Bellovin" <smb () cs columbia edu>
Date: Thu, 29 May 2008 09:42:59 -0400
On Thu, 29 May 2008 09:18:07 -0400 "Fred Reimer" <freimer () ctiusa com> wrote:
So the only easy way to attack this is the MD5 hash. We have a know plaintext (the IOS code) and the hash. It is not trivial to be able to make changes in the code and maintain the same hash value, but there has been at least limited success in doing so.
No there has not. There has been considerable success at creating *collisions*; if you don't have a collaborator inside Cisco's build team, that does you no good in this case. There has been *no* success at preimage attacks, which is what we're talking about here. (Aside: I'm on record as saying I wouldn't be surprised if preimage attacks were developed soon by the cryptanalytic community, since people are paying so much more attention to hash functions now, but that hasn't happened yet.) If you do have a collaborator, there is a conceivable attack. Use the collision attack -- that is, the ability to simultaneously produce two files with the same hash -- to generate a genuine IOS image that is nevertheless susceptible to being replaced by a corrupted one. It's a delicate process, though, since even a 1-bit change will completely change the hash output and ruin the collision. You're much better off having your collaborator simply install a back door for you -- and it almost certainly won't be found. See http://www.eecs.berkeley.edu/Pubs/TechRpts/2007/EECS-2007-136.html or Chapter 8 of http://zesty.ca/pubs/yee-phd.pdf --Steve Bellovin, http://www.cs.columbia.edu/~smb
Current thread:
- Re: IOS Rookit: the sky isn't falling (yet), (continued)
- Re: IOS Rookit: the sky isn't falling (yet) Valdis . Kletnieks (May 27)
- RE: IOS Rookit: the sky isn't falling (yet) michael.dillon (May 28)
- Re: IOS Rookit: the sky isn't falling (yet) Steven M. Bellovin (May 28)
- Re: IOS Rookit: the sky isn't falling (yet) Gadi Evron (May 28)
- RE: IOS Rookit: the sky isn't falling (yet) Fred Reimer (May 29)
- RE: IOS Rookit: the sky isn't falling (yet) Jim Wise (May 29)
- Re: IOS Rookit: the sky isn't falling (yet) Jared Mauch (May 29)
- RE: IOS Rookit: the sky isn't falling (yet) Fred Reimer (May 29)
- RE: IOS Rookit: the sky isn't falling (yet) Jim Wise (May 29)
- RE: IOS Rookit: the sky isn't falling (yet) Fred Reimer (May 29)
- Re: IOS Rookit: the sky isn't falling (yet) Steven M. Bellovin (May 29)
- RE: IOS Rookit: the sky isn't falling (yet) Fred Reimer (May 29)
- Re: IOS Rookit: the sky isn't falling (yet) Gadi Evron (May 27)
- Re: IOS Rookit: the sky isn't falling (yet) Sean Donelan (May 27)
- Re: IOS Rookit: the sky isn't falling (yet) Gadi Evron (May 27)
- Re: IOS Rookit: running hacked binaries certainly places you at risk! Jared Mauch (May 27)
- Re: IOS Rookit: running hacked binaries certainly places you at risk! Gadi Evron (May 27)
- RE: IOS Rookit: the sky isn't falling (yet) michael.dillon (May 27)