-
February 25th, 2008, 11:34 AM
#1
Authenticating a program
I have an application that talks to a home server once in a while and may download updates which can be .EXEs or .DLLs. It has been brought up that a Man in the Middle attack (MitM) can allow someone to download bogus files. IE: My app tries and downloads App.exe from our server, but the download is hijacked and ends up downloading the file from another source.
The first idea was to simply use MD5 sums (which we already use to validate the files), but that is only a minor obstacle. A would-be hacker just needs to get a copy of the updated file, make his Trojan file and tweak it until the MD5 sum of the Trojan matches the actual file. I am not sure how hard or easy this is to do. Maybe it is good enough, maybe not.
If it is not good enough, what are some other ways you can authenticate a file actually came from where you thought it did? Another idea I had was using Certs. We already sign our application and DLLs. It would seem that if I could look at a downloaded file and see if it was signed AND if it was the same cert as the current application had (or perhaps a newer version). I was looking at the Crypto-Cert API and nothing jumped out at me as a clear way to do this. The other issue is how do you validate a file you didn't make? IE: an MFC.DLL or something that isn't signed.
Anyway, any comments or suggestions on how to authenticate a downloaded file would be welcome.
-
February 25th, 2008, 11:44 AM
#2
Re: Authenticating a program
Possible solution:
The MD5 is just not good enough for authentication.
You could try the HMAC-MD5, which is much more secure.
Of course you could always go the certificates route, but I personally prefer to use a secure hash.
This doesn't guarantee where the file came from, but it should be enough to guarantee that it is the right file.
Keep in mind - No Secure Hashing is foolproof - but you can get pretty close.
I hope this helps.
-
February 25th, 2008, 12:11 PM
#3
Re: Authenticating a program
That doesn't really solve the MitM attack problem. It is just an MD5 that is encrypted. The encryption doesn't buy you anything in this case (for files, not passwords).
For example:
A new version of App.dll is available. MyApp.exe downloads the new DLL and let's say it uses HMAC-MD5. Anyone intercepting the data stream can't see the real MD5 hash that App.dll is supposed to have, right?
Well Mr. Hacker just downloads the REAL App.dll, computes its REAL MD5 hash, and makes Trojan.dll. Now he does a MitM attack, intercepts the download of app.dll and replaces it with Trojan.dll. MyApp.exe downloads the file, decrypts the HMAC-MD5, then does the MD5 compare, and they match.
-
February 25th, 2008, 12:15 PM
#4
Re: Authenticating a program
Store the file on the server as a password protected zip file.
Download, try to unzip with password. Should be secure enough.
Nobody cares how it works as long as it works
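Added example, not part of the original thread: an unkeyed digest compared with the HMAC suggested in post #2, for the case where the file and its check value both arrive over the same intercepted channel. SHA-256 is used in place of MD5, and the key, file name binding and sample bytes are assumptions constructed for the demonstration.

```python
import hashlib
import hmac

# Constructed sample bytes standing in for the real and the substituted file.
GENUINE = b"MZ genuine App.dll build (constructed sample)"
SUBSTITUTE = b"MZ substituted file (constructed sample)"
# Assumption: a secret shared by server and client. Anyone who extracts it
# from the shipped client can forge tags; a signature check avoids that.
UPDATE_KEY = b"constructed-demo-key"


def plain_digest(data: bytes) -> str:
    """Unkeyed digest: anyone holding the bytes can recompute it."""
    return hashlib.sha256(data).hexdigest()


def keyed_tag(key: bytes, name: str, data: bytes) -> str:
    """HMAC over the file name and contents; needs the key to produce."""
    mac = hmac.new(key, name.encode("utf-8") + b"\x00", hashlib.sha256)
    mac.update(data)
    return mac.hexdigest()


def accept_by_digest(data: bytes, published: str) -> bool:
    return hmac.compare_digest(plain_digest(data), published)


def accept_by_hmac(key: bytes, name: str, data: bytes, published: str) -> bool:
    return hmac.compare_digest(keyed_tag(key, name, data), published)


def simulate_intercepted_update() -> dict:
    """File and check value both travel over the intercepted channel."""
    genuine_tag = keyed_tag(UPDATE_KEY, "App.dll", GENUINE)
    return {
        # The interceptor swaps the file and recomputes the unkeyed digest.
        "digest_accepts_substitute": accept_by_digest(
            SUBSTITUTE, plain_digest(SUBSTITUTE)),
        # Without the key it can only replay the genuine tag or guess a key.
        "hmac_accepts_replayed_tag": accept_by_hmac(
            UPDATE_KEY, "App.dll", SUBSTITUTE, genuine_tag),
        "hmac_accepts_wrong_key_tag": accept_by_hmac(
            UPDATE_KEY, "App.dll", SUBSTITUTE,
            keyed_tag(b"guessed-key", "App.dll", SUBSTITUTE)),
        "hmac_accepts_genuine": accept_by_hmac(
            UPDATE_KEY, "App.dll", GENUINE, genuine_tag),
    }


if __name__ == "__main__":
    for check, accepted in simulate_intercepted_update().items():
        print(f"{check}: {accepted}")
```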