part of the document, we will cover all the methods used to verify information

very topical case-history about it:
On  20th  February,  2016,  the  popular  Linux  Mint  portal,  currently  the  most
appreciated  Linux  distro,  as  well  as  the  latest  release  (Cinnamon  17.3)  were
violated. The attack on the disk image allowed the criminal known as Peace, to
have the complete control over all users who downloaded and installed the .ISO
during the previous 24 hours, through an IRC trojan called Tsunami.
If all users had run the data integrity verification (in this case over the .ISO),
probably nobody would have been infected.
7.1.1 Checksum & Hash
In IT, Checksum is the sequence of bits resulting from a calculation over an
information content. Such calculation is generated from a hash, a mathematical
function  that  returns  an  alphanumeric  value  (namely,  the  checksum)  in  a  non-
reversible  way:  simply  said,  passing  any  information  to  a  hash  produces  a
checksum,  (the  result).  This  way,  anybody  can  generate  a  checksum  starting
from a piece of information, but not vice-versa.
In addition, to be defined as good, a hash must be collision-resistant, e.g. it
must produce unique checksums that cannot be applied to two different types of
information.  Due  to  their  specific  nature,  hashes  are  commonly  used  in  IT,
especially  in  the  scope  of  password  memorization:  when  you  enter  a  password
on  a  portal,  such  password  –  as  per  security  practices  –  is  converted  in  the
related checksum using a specific hash, in order to compare the user input with
the  password  checksum  in  the  database,  avoiding  any  risk  from  storing  it.
Actually, passwords are “salted” first, but that’s another story.

7.1.1.1 Hash Types
In the IT world, you can commonly find three types of hash:
-
MD5
-
SHA-1
-
SHA-2 (256 or 512-bit)
Each  of  them  has  its  own  characteristics,  with  pros  and  cons:  for  the
purposes of this course, we’ll only state that the safest ones to date are SHA-256
and SHA-512.
7.1.1.2 Calculating a Checksum
Often,  in  the  macOS,  Linux  and  BSD  environments,  you  can  find  a  very
convenient command line tool, shasum. Use such tool as follows:
$ shasum [filename]
Just  like  the  vast  majority  of  UNIX  programs,  you  can  use  different
parameters to get the best out of it. If you wish to generate a checksum with 512-
bit SHA, you must find the correct parameter in the documentation, by using this
command:
$ shasum -h
or using the man command:
$ man shasum
Here you’ll see that the -a parameter manages the algorithm type of “depth”.
Then, use the command:
$ shasum -a 512 [filename]
to  generate  the  512-bit  hash.  As  the  result,  you’ll  get  the  generated
checksum;  feel  free  to  try  with  your  own  files.  Here’s  a  sample  output  from  a
random file:

c568ac4df6aef33d887b0326c46d340196fe722f34d696bf7ab7ac9bd2cad933bdc9aa581612d678bead2f3550438c9b7280cd99c2c7e469c76d9ab9d889a983
stefano9lli.txt
Let’s  say  you  want  to  verify  the  latest  Debian  version  (currently,  8.6.0  in
standard  version)  you  downloaded  to  your  computer,  in  order  to  verify  its
integrity. Firstly, generate the local checksum:
$ shasum -a 512 debian-live-8.6.0-amd64-standard.iso
Now,  compare  it  with  the  one  provided  by  the  developers  on  the  official
mirror
[82]
. In this case, choose SHA512SUM, then find the portion of interest in
the document:
e9506a3746e351203757599a8ce01ba4a84260a633177ee719fa6754b70151f82d03a2843c4aa58e17aa10c35e61369077ea3207b956183259be8444c465e4eb
debian-live-8.6.0-amd64-standard.iso
If the two checksums are identical, you downloaded what the devs deployed.
Windows  users  can  perform  this  operation  with  an  integrated  software.  The
command is certUtil:
$ certUtil -hashfile [filepath] [algorithm]
then,  in  case  of  a  random  file  on  your  Desktop  through  the  SHA-512
algorithm, the result will be:
$ certUtil -hashfile C:\Users\stefano9lli\Desktop\file.txt SHA512
Worthy of note is Hashtab
[83]
 (Figure  24),  a  freemium  program  that  installs
the  checksum  feature  directly  into  Windows  Explorer,  integrating  it  in  the
“Properties” menu, when you right-click a file.

Download 2,32 Mb.

Do'stlaringiz bilan baham: