Request to replace image SHA1 sums with SHA256

Currently when downloading an ISO image for Manjaro only SHA1 sums are provided for the images.

It has been known for some time that SHA1 is insecure:

The purpose of this request is to ask that images going forward be provided with SHA256 sums as these hashes are not currently known to have collisions and are currently considered secure.


I'm not sure anyone is going to invest a year's worth of computation with 100 GPUs to generate a colliding SHA1 sum for an installer image which normally has a three-month lifespan, especially when there's a GPG signature too.

That said, it takes zero net effort to switch from sha1 to sha256, or minimal extra to provide each sha1, sha256, and sha512, so we should just do it.

@Maintainers Can you easily generate a number of different checksums for the installer images?

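The request above boils down to two steps: the maintainer writes one checksum file per algorithm next to the image, and the downloader runs the matching coreutils verifier against it. The script below is an added example to illustrate that, not Manjaro's release tooling; the file names (`<image>.sha1`, `<image>.sha256`, `<image>.sha512`, `<image>.sig`) and the stand-in "image" content are assumptions made for the demo, and the signature check assumes a detached GnuPG signature whose signing key has already been imported.

```shell
#!/bin/sh
# Added example (not Manjaro's deploy scripts): produce sha1/sha256/sha512
# checksum files for an image the way a maintainer would, then verify them the
# way a downloader would, including the failure case for a corrupted download.
set -eu

# Maintainer side: write <image>.<algo> files in the "<hash>  <filename>" form
# that the coreutils *sum -c verifiers expect. The sums are taken relative to
# the image's directory so the checksum file does not embed a local path.
make_checksums() {
    image="$1"
    dir=$(dirname "$image")
    base=$(basename "$image")
    for algo in sha1 sha256 sha512; do
        (cd "$dir" && "${algo}sum" "$base" > "$base.$algo")
    done
}

# Downloader side: verify a local copy against a published checksum file.
# Returns the verifier's exit status (0 = hash matches, non-zero otherwise).
verify_checksum() {
    image="$1"
    algo="$2"
    dir=$(dirname "$image")
    base=$(basename "$image")
    (cd "$dir" && "${algo}sum" -c "$base.$algo")
}

# Downloader side, the check the thread actually recommends: a detached
# signature proves who published the image, which a checksum on the same
# page cannot. Assumes <image>.sig exists and the signing key is in the
# keyring; gpg exits non-zero on a bad or untrusted signature.
verify_signature() {
    image="$1"
    gpg --verify "$image.sig" "$image"
}

# Wrapper returning "ok" / "FAILED" so callers do not have to parse output.
check_image() {
    if verify_checksum "$1" "$2" >/dev/null 2>&1; then
        echo ok
    else
        echo FAILED
    fi
}

# End-to-end demo on a constructed stand-in image; prints "ok FAILED".
demo() {
    work=$(mktemp -d)
    # Constructed stand-in for an ISO: the bytes themselves do not matter.
    printf 'constructed fake installer image\n' > "$work/manjaro-demo.iso"
    make_checksums "$work/manjaro-demo.iso"

    good=$(check_image "$work/manjaro-demo.iso" sha256)

    # Simulate a truncated or tampered download by appending one byte;
    # every one of the published sums now fails to match.
    printf 'x' >> "$work/manjaro-demo.iso"
    bad=$(check_image "$work/manjaro-demo.iso" sha256)

    rm -rf "$work"
    echo "$good $bad"
}
```

Note that the corrupted copy fails `sha1sum -c` just as reliably as `sha256sum -c`: a checksum catches accidental damage regardless of algorithm, and only the signature check ties the image to the project's key, which is the distinction the replies below draw.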

look...

sig, sha256 is also provided.

Edit: Same for GNOME, and I'm pretty sure the others also.


It's not listed on the download page, although the GPG signature is.

However, if an attacker can intercept and MITM the download from an HTTPS site then they can also intercept and MITM the download page so I'm not sure what the effective difference is.

@shaneutt What attack is providing the sha256sum on the download page protecting against?


We already provide it in the normal deploy process.
If it really is not present, it is only an error from when we uploaded it.


...sorry, I never go this way to the downloads, but yes, this has to be changed.

Oh, if you don't see it on the download page, this is still in progress with the hacked repo. So we have to check the repo for the download page from the home page. @codesardine?

I've been sharing Manjaro with friends and teammates and I share it via the main website and downloads page. I've had 3 people message me while checking out the distro and ask why the downloads page provides SHA1 rather than SHA256.

I personally understand the context of how difficult and complex an attack from this vector would be, but my hope is that it will be found to be so simple to change that it won't be a problem. In that way we can take care of the actual technical security issue that underlies, but also improve perception of the distro a small bit based on my own experiences sharing it.

...go here, till this is fixed

cheers

Back in the day our download provider offered sha1sum by default when hovering over. We already recommend checking via the signature file rather than checksums. We will see if it makes sense to display other sums instead of sha1.

I don't know why people hold Manjaro to a higher standard than other, larger distros.

For example, go to the Debian download page and try to spot a checksum or GPG key:

https://www.debian.org/distrib

(Hint: It's not obvious where they are)

Having downloads over HTTPS along with checksum and GPG keys should provide a full range of integrity verification options.

If you're paranoid then you'd check everything, not just the checksum. Where the checksum is most useful is for verifying the download has completed successfully.

Just because sha1 is provided instead of sha256 doesn't mean Manjaro is somehow insecure.

However, adding a sha256sum entry seems like a fairly trivial extra amount of work to keep those people happy, until they then ask "but why isn't sha512 provided too?"


Edit. Actually, all of this is written on the download page already:

It takes time to update our page and guidelines. However, we already provide several checksum files in addition to sha1.

To answer this specific question: it's shorter and easier to manually verify.

I understand and appreciate the thoughts brought up in this post Jonathan, and I get where you're coming from. My thoughts still lean towards it being better to display the stronger hash on that first download page people hit based on the assertions in this thread so far that it should be simple to change. I'm curious to hear your continued thoughts on this.