gpg signatures for release tarballs

Andreas Köhler at
Wed Mar 5 18:20:42 EST 2008


Am Dienstag, den 04.03.2008, 19:25 -0800 schrieb Alexander Sotirov:
> On Mon, Mar 03, 2008 at 09:02:59PM +0100, Andreas K?hler wrote:
> > As you can see the GnuCash 2.2.4 release announcement contained md5sums
> > and was signed with my private gpg key.  I hope that is better than
> > before.
> This is certainly better than nothing, but the MD5 algorithm has been broken
> and should not be used in the way you're using it. An MD5 collision attack can
> be used to generate two tar.gz files with different contents and the same MD5
> hash. Even if a user verifies your signature of the release announcement and
> checks the MD5 signature, there is no guarantee that the file has not been
> replaced with a malicious one.

Two tar.gz files with the same MD5 checksum are not necessarily
dangerous per se, unless you think that I distribute a pair of good and
bad tarballs :-D  Even rainbow tables would only help to recover the
plain source code ;-)

> See for more details.
> Instead of signing the MD5 hashes, you should sign the tar.gz files with:

Why *should* I?  Of course, I could, but an open question for me is the
benefit.  Once we put in strong cryptography, the focus will move to
another point that might look attractive to a potential attacker.  In
the end, I think it might even now be more feasible to try to hack into or my computer and muddle things up there than trying to
generate tarballs or win32 executables to a given md5 checksum.  All I
do is checking out from the central repository and using what is found
here at /usr/bin/make to create two files.  That is what you can do as
well and then you would have an even better "security" than what I can
provide you with.

But maybe I just do not understand the issue.

-- andi5

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : 

More information about the gnucash-devel mailing list