[EdCert previous] [EdCert next] [EdCert top]

It's sufficient as long as the checksum algorithm isn't altered

If an intruder finds the checksum method they can change the padding bytes in a file such that the checksum algorithm will claim it matches the master copy even after it has been altered. Cryptographic checksums can provide some additional security. A cryptographic checksum can be created by encrypting a file before executing a checksum. The output of whatever command is used to perform the encryption can be piped to a checksum program. Whatever key is used to encrypt files should be different from the one used for encrypting system passwords.




[EdCert previous] [EdCert next] [EdCert top]