LinuxQuestions.org
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

#1  mia_tech (Member)  02-04-2022, 03:40 PM
What Is the Difference Between Checking for Integrity and Authenticity of an ISO File


I'm downloading the latest version of Linux Mint, and towards the bottom of the download page they have an integrity and authenticity key.
The integrity check I know why we do: to know that the image has not been tampered with. But why run a gpg command against the ISO image? As far as I know gpg is for encryption. Here's the link to the page:

https://linuxmint.com/edition.php?id=293
 
#2  astrogeek (Moderator)  02-04-2022, 03:53 PM
Checking integrity, such as a checksum, lets you know the file was not corrupted during download or modified at any time since it was produced.

Checking authenticity, such as via GPG, lets you know that it is in fact the very file produced and signed by the source.

The reason both are necessary is that a malperson with access could modify both the file and the published checksum, so that the checksum you check would be correct while the file had been tampered with or replaced, but they should not be able to sign the forgery with the origin key.

#3  ondoho (LQ Addict)  02-06-2022, 04:28 AM
linuxmint.com was hacked a while ago, so I guess they learned their lesson and are extra careful now.
 
#4  mia_tech (Member, original poster)  03-01-2022, 08:12 AM
Quote:
Originally Posted by astrogeek
The reason both are necessary is that a malperson with access could modify both the file and the published checksum, so that the checksum you check would be correct while the file had been tampered with or replaced, but they should not be able to sign the forgery with the orgin key.
If I understand correctly, the sha256sum.txt.gpg is the signature of the ISO file, or of the sha256sum file, which is a key. I know that gpg is a signature file. Well, gpg (good privacy) is an encryption program that generates a private key and a public key. Which one is posted on the ISO download page? The public one? And then you have to check it against the private key uploaded to a server, therefore validating the authenticity of the person who signed the file? What if a malicious attacker posted their own gpg key?
 
#5  hazel (LQ Guru)  03-01-2022, 08:22 AM
Quote:
Originally Posted by mia_tech
Which one is posted on the ISO download page? The public one?
That's right, more or less. It isn't included in the file, but it's available separately for the package manager to use in checking.
Quote:
and then you have to check against the private key uploaded to a server?
Not quite. The private key, used to sign packages, stays on the maintainer's computer. Only the public key is made available to users.
Quote:
therefore validating the authenticity of the person who signed the file? what if the malicious attacker posted its own gpg key?
There was a scare about this in the Slackware forum last year https://www.linuxquestions.org/quest...ed-4175694561/. Someone pointed out that the public key available for packages could be spoofed. A bad actor could sign contaminated packages with his own private key and see to it that the public key supplied to users was the corresponding one. The solution was and is to provide the correct public keys from a different well-guarded machine, not the one used to host the repository.

#6  sundialsvcs (LQ Guru)  03-01-2022, 08:52 AM
"Digital signing" is one of the many services offered by GPG/PGP®, and it basically works like this:

A trusted party calculates a strong checksum, such as SHA1, then encrypts that checksum using its private key and attaches it to the file. He then publishes a copy of the corresponding public key. In order to verify the contents of the file, you first decrypt the checksum using the public key – thereby confirming that in fact you can successfully do so – and then compare your calculated checksum to the decrypted value.

All encrypted messages are also signed as a matter of course, but unencrypted content can also be signed.

Public keys are usually stored in "key repositories" which endeavor to vouch for the origins of the parties who place the keys, but reductio ad absurdum is still possible: theoretically, you could fake content, sign it with a fake private key, and publish it using a fake public key – otherwise known as "an imposter." Good until you get caught.

A public key file also contains identifying metadata which cannot be altered unless you possess the corresponding private key.

#7  mia_tech (Member, original poster)  03-01-2022, 12:52 PM
Quote:
Originally Posted by sundialsvcs
Public keys are usually stored in "key repositories" which endeavor to vouch for the origins of the parties who place the keys, but reductio ad absurdum is still possible: theoretically, you could fake content, sign it with a fake private key, and publish it using a fake public key – otherwise known as "an imposter." Good until you get caught.
OK, so the public key published next to the ISO download is there to verify the authenticity of the publisher (the gpg signature), not the file itself. Is it to verify that he is who he says he is? Because it is more difficult to alter the ISO image and the sha256sum key and at the same time tamper with the gpg signature? Why don't they call it a signature then? That's what threw me off.
 
#8  hazel (LQ Guru)  03-02-2022, 05:11 AM
On the site you have the software file itself, a hash of it, and a "signature file". This is the hash encrypted with the maintainer's private key which never leaves his machine.

The package manager downloads all three files and decrypts the signature file using the distro's public key which is stored somewhere on your machine. If the result is identical to the unencrypted hash, then the signature file was definitely signed by the maintainer and the hash must be the one the maintainer made from his reliable copy of the package file. It has not been replaced by a new hash from somebody else's dishonestly modified version. Next that hash file is checked against a new hash of your downloaded package. If they are identical, then the package has not been tampered with either, nor has it been corrupted in the download. You can install it safely.
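The two-step check that astrogeek (#2), sundialsvcs (#6) and hazel (#8) describe, worked through end to end as an added example. This is not code from the thread, from Linux Mint, or from gpg: the ISO bytes, the file name linuxmint.iso and both key pairs are constructed stand-ins, and the signature scheme is unpadded textbook RSA with a ~384-bit modulus, which is far too small and too bare for real use and is here only to show the mechanism (signing applies the private exponent to the SHA-256 digest, verifying applies the public exponent and compares). The scenarios cover every case raised in the thread: the honest download, a compromised mirror that rewrites both the ISO and sha256sum.txt, an attacker who re-signs with a key of their own, a user who imported that attacker's key, and a plain download corruption.

```python
"""Toy model of integrity (checksum) plus authenticity (signature) for an ISO download.
Added example with constructed data and a toy signature scheme; not the distro's tooling."""
import hashlib
import hmac
import secrets


def is_probable_prime(n, rounds=32):
    """Miller-Rabin primality test, used only to build the toy keys below."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits):
    """Random odd prime with the top bit set, so p*q has about 2*bits bits."""
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def keygen(bits=192):
    """Return (public, private) = ((n, e), (n, d)); n exceeds the 256-bit digest we sign."""
    e = 65537
    while True:
        p, q = gen_prime(bits), gen_prime(bits)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:   # e is prime, so this guarantees gcd(e, phi) == 1
            break
    return (p * q, e), (p * q, pow(e, -1, phi))


def sign(private, data):
    """Private exponent applied to the SHA-256 digest: this number is the signature."""
    n, d = private
    return pow(int.from_bytes(hashlib.sha256(data).digest(), "big"), d, n)


def verify(public, data, sig):
    """Public exponent applied to the signature must reproduce a fresh digest of data."""
    n, e = public
    return pow(sig, e, n) == int.from_bytes(hashlib.sha256(data).digest(), "big")


def publish(private, iso, name="linuxmint.iso"):
    """What the mirror serves: ISO, sha256sum.txt, and a detached signature over
    sha256sum.txt (the role played by sha256sum.txt.gpg)."""
    sha_txt = f"{hashlib.sha256(iso).hexdigest()}  {name}\n".encode()
    return iso, sha_txt, sign(private, sha_txt)


def verify_download(trusted_pub, iso, sha_txt, sig, name="linuxmint.iso"):
    """User side: authenticity of sha256sum.txt first, then integrity of the ISO
    against it. Returns (ok, reason)."""
    if not verify(trusted_pub, sha_txt, sig):
        return False, "bad signature: sha256sum.txt not signed by the trusted key"
    expected = None
    for line in sha_txt.decode().splitlines():
        digest_hex, _, fname = line.partition("  ")
        if fname.strip() == name:
            expected = digest_hex
    if expected is None:
        return False, f"{name} not listed in sha256sum.txt"
    if not hmac.compare_digest(hashlib.sha256(iso).hexdigest(), expected):
        return False, "hash mismatch: ISO corrupted in transit or modified"
    return True, "signature and hash both good"


# Constructed fixtures: a stand-in ISO and two key pairs, the distro's and an attacker's.
DISTRO_PUB, DISTRO_PRIV = keygen()
ATTACKER_PUB, ATTACKER_PRIV = keygen()
GOOD_ISO = b"constructed stand-in for the ISO image bytes\n" * 64
EVIL_ISO = GOOD_ISO.replace(b"stand-in", b"backdoor", 1)


def run_scenarios():
    """Each case raised in the thread, keyed by name -> (ok, reason)."""
    iso, sha_txt, sig = publish(DISTRO_PRIV, GOOD_ISO)
    evil_iso, evil_txt, evil_sig = publish(ATTACKER_PRIV, EVIL_ISO)
    corrupted = iso[:-1] + bytes([iso[-1] ^ 0x01])   # one bit flipped in transit
    return {
        "honest": verify_download(DISTRO_PUB, iso, sha_txt, sig),
        # mirror compromise: ISO and sha256sum.txt replaced, old signature left in place
        "swapped_iso_and_checksum": verify_download(DISTRO_PUB, evil_iso, evil_txt, sig),
        # attacker re-signs with their own key; the user pinned the distro's key
        "attacker_signed": verify_download(DISTRO_PUB, evil_iso, evil_txt, evil_sig),
        # same, but the user imported whatever key the compromised page offered
        "attacker_key_trusted": verify_download(ATTACKER_PUB, evil_iso, evil_txt, evil_sig),
        # download error: signature is fine, the checksum step catches it
        "corrupted_download": verify_download(DISTRO_PUB, corrupted, sha_txt, sig),
    }


if __name__ == "__main__":
    for case, (ok, why) in run_scenarios().items():
        print(f"{case:26s} {'PASS' if ok else 'FAIL'}  {why}")
```

The "attacker_key_trusted" case passes every check, which is the point hazel makes in #5: the whole chain rests on the public key you verify against, so it has to come from somewhere other than the page or mirror you are checking. With the real tools the same two steps are `gpg --verify sha256sum.txt.gpg sha256sum.txt` followed by `sha256sum --ignore-missing -c sha256sum.txt`; note that gpg exits 0 for a good signature from any key in your keyring, trusted or not, so compare the fingerprint it prints against one obtained independently rather than only checking the exit status. Real signatures also use padded, standardised schemes, not the raw RSA-on-digest used here for illustration.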
 
  

