[comp.virus] PKZIP Auto-Verification feature..

USERQS88@SFU.BITNET (Charles) (12/05/90)

There seems to be a common misconception floating around that just anybody
can use the auto-verification feature of PkZip.

This just isn't so!

In the documentation that comes with PkZip, it states that you have to get
in touch with Phil Katz, and give him some information about your company's
name; he will then send you a corresponding verification key that you
apply to the programs you are pkzipping..  This key is kept private, so in
effect, the whole system is a public-key cryptography system.

Someone mentioned earlier that a trojan version of PkZip was released by
someone.  This trojan version reported that the auto-verification key was
correct, and the software was intact.  There are two ways this could have
happened:
   1) The correct verification key was discovered, allowing any zip file
      to be stamped with Phil Katz's own signature, in which case, I'd be
      worried about the security, or...
   2) The self-extracting archive was modified to ignore the signature, and
      report "All's well!".
The second method can be tested by using PkZip 1.1 to test the signature,
instead of 'PkZip 1.2' (the trojan version).

Does anybody know the workings of the AV system, or more importantly, how
big the signature is, and whether two different signatures produce the same
result?

And as an aside, does anybody know how secure the PkZip encryption method is;
since the US Government insisted on the encrypting version of PkZip staying
within the boundaries of the US, one would suspect that it is pretty good.

From the desk of: Charles Howes
  USERQS88@SFU.BITNET - USERQS88@cc.sfu.ca  (Expires soon)
  c275387@csil.cs.sfu.ca  (ditto)
In Canada, 1-604-531-5623  (Will never expire!)

Note: Students don't have opinions.  :-)
 Simon Fraser University, Burnaby, BC, Canada

dave@tygra.ddmi.com (David Conrad) (12/07/90)

There's another way the Authenticity Verification of PKZIP might have
been fooled, though I doubt it was done this way, for reasons given
below.

As far as I know, PKUNZIP simply checks to see if the unzipped file
contains the same encrypted key that the file was originally zipped
with.  Thus, the trojan author could have gotten a valid serial number
from PKWARE and zipped the file with it.  Upon unzipping a message
would be displayed that the file was authentically made with *A VALID
SERIAL NUMBER*.  Not necessarily the right serial number.  Does anyone
know if the Name associated with the serial number is displayed upon
unzipping so that the user can confirm that the data was not just
zipped by *someone* with an AV serial number, but by the person whom
the user expects to have zipped it?  I can't check this myself as I
only have the export version of the software.  (Silly damn NSA....)

I presume, however, that the folks at PKWARE could determine which
serial number was used to zip the file, even if the current version of
their software doesn't display this information upon unzipping (well,
of course it wouldn't display the serial number, I meant to say the
name), thereby nabbing the culprit.  This seems almost too obvious.
Has this been considered?  It would be awfully funny if whoever did
this had given themselves away thinking they were clever enough to
outwit the AV.
--
David R. Conrad | Domain: dave@tygra.ddmi.com | Path: uunet!tygra!dave
"Save the strong, lose the weak.  Never turnin' the other cheek.  Trust
nobody, and don't be no fool.  Whatever happened to the Golden Rule?"
                         -- Stevie Ray Vaughan
--
=  CAT-TALK Conferencing Network, Computer Conferencing and File Archive  =
-  1-313-343-0800, 300/1200/2400/9600 baud, 8/N/1. New users use 'new'    -
=  as a login id.  AVAILABLE VIA PC-PURSUIT!!! (City code "MIDET")        =
   E-MAIL Address: dave@DDMI.COM
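A toy model of the verification logic argued over in both posts above, added here as an illustration; it is not part of the original thread and is not PKZIP's actual AV algorithm, which neither post describes. It assumes a vendor that issues each registered company a serial number and a secret key (the key registry, the HMAC stamp, the archive layout and the company names are all constructed for the example). It shows Charles's two failure modes (a leaked stamping key, and a modified verifier that ignores the stamp and reports "All's well!"), and David's point that a verifier which only reports "made with a valid serial number" is not enough unless the name behind that serial is checked against the publisher you expected.

```python
import hmac
import hashlib
from typing import Callable, Optional, Tuple

# Constructed sample registry (hypothetical): serial -> (company name, secret key).
# In this toy the verifier holds the same keys used for stamping, so whoever
# extracts them from the verifier can stamp as anyone (Charles's case 1).
ISSUED_KEYS = {
    1001: ("Acme Software", b"acme-secret-key-1001"),
    1002: ("Mallory Ltd", b"mallory-secret-key-1002"),
}

SERIAL_LEN = 4
TAG_LEN = hashlib.sha256().digest_size  # 32


def stamp(payload: bytes, serial: int) -> bytes:
    """Stamp an archive with the key issued for `serial`.

    Layout (constructed for this example): payload || serial (4 bytes) || HMAC tag.
    """
    _, key = ISSUED_KEYS[serial]
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return payload + serial.to_bytes(SERIAL_LEN, "big") + tag


def honest_verify(archive: bytes) -> Tuple[bool, Optional[str]]:
    """Recompute the tag under the key on file for the embedded serial.

    Returns (intact, company name).  The name is returned even when the tag
    fails, so a caller can see who the archive *claims* to be from; it is
    None when the serial is unknown (or the archive is too short to parse).
    """
    if len(archive) < SERIAL_LEN + TAG_LEN:
        return (False, None)
    payload = archive[: -(SERIAL_LEN + TAG_LEN)]
    serial = int.from_bytes(archive[-(SERIAL_LEN + TAG_LEN) : -TAG_LEN], "big")
    tag = archive[-TAG_LEN:]
    if serial not in ISSUED_KEYS:
        return (False, None)
    name, key = ISSUED_KEYS[serial]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    return (hmac.compare_digest(tag, expected), name)


def trojan_verify(archive: bytes) -> Tuple[bool, Optional[str]]:
    """Charles's case 2: a modified verifier that never looks at the stamp."""
    return (True, "Acme Software")


def check_publisher(
    verify: Callable[[bytes], Tuple[bool, Optional[str]]],
    archive: bytes,
    expected_name: str,
) -> bool:
    """David's point: 'valid' is only meaningful if the name matches who you
    expected to have stamped the file."""
    ok, name = verify(archive)
    return ok and name == expected_name


def forge_with_leaked_key(payload: bytes, serial: int) -> bytes:
    """Charles's case 1: the key for `serial` was recovered from the verifier,
    so the attacker stamps as that company.  In this toy that is just stamp()."""
    return stamp(payload, serial)


def tamper(archive: bytes) -> bytes:
    """Flip one payload byte, as a trojaned self-extractor would differ."""
    b = bytearray(archive)
    b[0] ^= 0xFF
    return bytes(b)


if __name__ == "__main__":
    genuine = stamp(b"PKZIP.EXE (constructed payload)", 1001)
    print("genuine, honest verifier:", honest_verify(genuine))
    print("tampered, honest verifier:", honest_verify(tamper(genuine)))
    print("tampered, trojan verifier:", trojan_verify(tamper(genuine)))
    mallory = stamp(b"TROJAN (constructed payload)", 1002)
    print("Mallory's own serial, honest verifier:", honest_verify(mallory))
    print("...but is it from Acme?", check_publisher(honest_verify, mallory, "Acme Software"))
    forged = forge_with_leaked_key(b"TROJAN (constructed payload)", 1001)
    print("leaked Acme key, publisher check:", check_publisher(honest_verify, forged, "Acme Software"))
```

The first comparison (tampered archive through honest_verify versus trojan_verify) is exactly Charles's test of running a known-good PKZIP 1.1 against the suspect 1.2; the Mallory case is why a verifier must show the registered name and not merely "valid"; the leaked-key case shows that nothing in the verifier can save a scheme whose stamping secret has escaped.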