On Tue, 2 Mar 2010 23:31:08 -0800 Don Quixote de la Mancha <quixote@xxxxxxxxxxxxxxxx> wrote: > The Chicken and Egg Problem for checksums was solved for the IP header > checksum, and the TCP payload checksum back during the 1970s. > > When calculating the checksum, set the checksum field itself to zero. > When verifying the checksum, skip over the value that is actually > present. Perform the calculation as if it was actually set to zero. The IP checksum isn't very strong. It's arguably fine for general purpose data in small blocks but not for a DVD image > > CD and DVD images could do the same thing. > > It would be enough to append a single 32-bit CRC just to ensure that > your download wasn't corrupted, or that you had a good burn, but if > you wanted to make sure that the Russian Mafia hadn't patched your > kernel, you could add one entire 2048-byte sector to your image, and > fill it all up with one big cryptographic hash. That only works if you know an existing shared secret. Alan -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
