[comp.virus] Uses of MACs Against Viruses

WHMurray@DOCKMASTER.ARPA (01/05/90)

First, let me take this occasion to apologize to Y. Radai for my
offenses of style and hyperbole.  Then I would like to comment on his
discussion that appeared in VIRUS-L, Vol. 3, Issue 4 on the indicated
cross-over point for sophistication of the algorithm in generating
authenticators for programs.

I tend to agree with most of his observations as they relate to the use
of the authenticator to recognize the contamination of a program in
the target execution environment.  However, I think that I speak for
Bob Bosen as well as myself when I suggest that we both have in mind
another use.

Bob posits the use of a MAC to ensure that programs are received as they
were shipped.  This use offers some protection against contamination of
a program during transit from its trusted author to the point of use.

I go a little further.  I suggest that programs be digitally signed by
their originators.  (For more reasons than need be listed here, I
currently recommend RSA MailSafe for this application.  This is a
hybrid implementation which uses a block-product cipher for processing
the program and RSA for key-management and distribution.)  This use
not only enables the user to know that the program has not been
changed since original shipment from the author, but also enables the
author to disown any late changes.  If the end-user does not know or
trust the author, but relies upon some intermediate authority, such
as the NCSC, or his own management, then the program can be
countersigned by this authority.
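As an added illustration (my own sketch, not code from this post or from RSA MailSafe), here is the sign / countersign / verify flow just described, in stdlib-only Python: the author signs a digest of the program, an intermediate authority countersigns it, and the end-user checks both over the bytes actually received. The RSA is textbook and unpadded with toy key sizes, purely to show the structure; all function names and the sample program bytes are assumptions.

```python
import hashlib, random

def is_probable_prime(n, rounds=20):  # Miller-Rabin; used only to make toy keys
    if n < 4 or n % 2 == 0: return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0: d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def rand_prime(bits):
    while True:
        c = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(c):
            return c

def gen_key(bits=512):  # textbook RSA ((n, e), (n, d)); n > 2^256 so a SHA-256 digest fits
    e = 65537
    while True:
        p, q = rand_prime(bits // 2), rand_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return (p * q, e), (p * q, pow(e, -1, phi))

def digest_int(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")
def sign(priv, data):  # H(data)^d mod n, unpadded: shows the structure, not a real scheme
    return pow(digest_int(data), priv[1], priv[0])
def verify(pub, data, sig):
    return pow(sig, pub[1], pub[0]) == digest_int(data)

def sign_program(program, author_priv, authority_priv):
    # Authority countersigns program AND author signature, so its endorsement is bound to that exact signature.
    author_sig = sign(author_priv, program)
    counter_sig = sign(authority_priv, program + author_sig.to_bytes(64, "big"))
    return {"program": program, "author_sig": author_sig, "counter_sig": counter_sig}

def check_program(pkg, author_pub, authority_pub):
    # End-user check over the bytes actually received: both signatures must verify.
    bound = pkg["program"] + pkg["author_sig"].to_bytes(64, "big")
    return (verify(author_pub, pkg["program"], pkg["author_sig"])
            and verify(authority_pub, bound, pkg["counter_sig"]))
```

A package whose program bytes were altered in transit, or whose author signature was swapped for another key's, fails the check even though the countersignature itself is untouched.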

Note that for this application more time and resource would be
available for an attack.  In addition, multiple people would have to
rely upon the same algorithm or mechanism.  These two requirements
argue for a strong algorithm of known strength, i.e., a "standard"
one.

We argue that the provenance of a program or other data item is
essential to confidence in it.  Immutability contributes.  While
immutable media, such as CD-ROM, and a record of custody can be made
to work in special cases, digital signatures can be made to work in
most.  They are independent of the media and move with the program.

Thus we argue for an additional use that has different requirements
than those considered by the other discussions.

William Hugh Murray, Fellow, Information System Security, Ernst & Young
2000 National City Center Cleveland, Ohio 44114
21 Locust Avenue, Suite 2D, New Canaan, Connecticut 06840