Provide a descriptive summary of the issue.
- Update the Radmind transcript format to support an array of
multiple checksum types on each transcript line.
- Steps to reproduce
In numbered format, detail the exact steps taken to produce the
- Expected results
Describe what you expected to happen when you executed the steps
- The transcript format would be revised to support an array of
checksums for each file, possibly with a master checksum that
corresponds to today's single checksum hash.
- Actual results
Please explain what actually occurred when steps above are
- The Radmind tools as of version 1.11.1 support only a single
checksum per transcript line.
- This limits the longevity of transcripts created today and may
make upgrades to newer hashing algorithms more difficult over
Describe circumstances where the problem occurs or does not
occur, such as software versions and/or hardware configurations.
Provide additional information, such as references to related
problems, workarounds and relevant attachments.
- In supporting multiple checksum types in an array on each
transcript line, the Radmind tools could become more flexible for
future expansion. New checksum types could be enabled over time,
in much the way that new encryption types have been added to
- There could be a primary checksum, which could correspond to
today's checksum field.
- The additional checksums could also be used during fsdiff. While
this would be compute- and I/O-intensive, it would provide
additional assurance that an attacker has not replaced a file
with an alternative that takes advantage of the slim chance of
breaking a single checksum. It is unlikely that an attacker could
create a single alternate file that would pass checksumming with
two or more different hashing algorithms. This type of scan could
be used by paranoid administrators for more sensitive files, such
as core operating system or kernel files files.
- The tools may then need to be revised to support a minimum and/or
maximum checksum type, in similar fashion to how gzip compression
is handled between Radmind client and server today.
- The tools may also need to handle the situation where mixed
checksum types are used, depending on the transcript line
compared against (especially if a primary checksum field and an
array are both listed for each transcript line). I am ignorant of
the compute power needed for various types of checksums, but this
may allow the mixing and matching of checksums so that less
intensive ones can be used for less important files, based on the
desires of the administrator.
- System configuration
Include the current system configuration of each computer that
experienced the problem.