Collaborate Disseminate
I would think all it has to do is read the file, compute an SHA 256 in fast AES hardware, and compare it to a known correct value from a table that was itself hashed for validation.
But it seems to take forever. How come? Are they sending … Continue reading Why does Windows SFC /scannow take so long to run? [migrated]
I need to receive some important documents from another person. It may be important to be able to prove (in justice) which files exactly I received from that person at a specific moment.
My first guess was to ask the person to send me the … Continue reading How to receive large files guaranteeing authenticity, integrity and sending time
I use linux and tend to distro hop a lot. I’ve noticed often that the distributions offer that you verify the download with a sha256sum hash and a GPG key.
My understanding is that a file, e.g. a linux .iso file will have an (almost) uniqu… Continue reading What is the point of a gpg file alongside the hash of a Linux ISO download? [duplicate]
There is an argument that if the Proof-of-Work (PoW) mechanism is removed from the Bitcoin network or if the puzzle does not have a sufficient level of difficulty proportional to the computing power of the network, the chaining of transact… Continue reading Is PoW an indispensable component in blockchain? [closed]
IPsec is said to have "partial" replay protection because if a packet arrives outside the window, we can’t track it, so we have to make a choice: do we risk and accept it, or do we drop it?
If we drop all these outside-window pa… Continue reading Why does IPsec has a "partial" replay protection? If we drop all packets outside the moving window, then where is the threat?
Here the author writes "sender authentication". Does he mean data origin authentication? Or is sender authentication something different?
Wikipedia says that "data origin authentication (or message authentication) is a pro… Continue reading Is there a difference between data origin authentication and sender authentication?
With IPsec transport mode we CAN’T have integrity of variable fields (eg TTL and checksum).
Why is it a problem? Is it? What could be the attack?
I think TTL expire or checksum modification (so both DoS), but I mean, if an attacker can mod… Continue reading Why is IPsec transport mode "vulnerable" for not having integrity of variable fields? Why is this so important?
For ESPv2 I’m referring to this: https://datatracker.ietf.org/doc/html/rfc2406 so the version which supports of course confidentiality, but also authentication ONLY FOR THE PAYLOAD, NOT of the IP header.
My professor warns against using ES… Continue reading What attacks can be performed by changing header of IP packet if I apply only ESPv2 of IPsec(so not providing intergrity for the IP header)
How could one verify the integrity of all binaries of packages installed manually via installers and dpkg on Debian/Linux?
So far the only thing I could think of is this:
verify that which veracrypt returns /usr/bin/veracrypt
Does the GNU GUIX package manager in require successful cryptographic authentication and integrity validation for all packages?
I know that software downloaded with apt-get packages must be cryptographically verified because the repo’s man… Continue reading Does GUIX provide cryptographic authentication and integrity validation?