I'm in the process of setting up a new PC and experimenting with a new Linux distribution. While downloading, I'm curious about how the signature verification system works for these ISO files. I understand that GPG encryption creates signatures with a private key that can be checked with a public key. However, I'm trying to grasp how this protects against a scenario where someone could replace the original ISO file with a malicious version but keep the signature file (the .sig file) unchanged. If they did that, wouldn't the GPG verification still pass? Can someone help clarify how this works?
5 Answers
To be safe, always ensure you download from trusted sources and check the signatures against known public keys. That way, even if someone tries something shady, you’ll catch them!
When you download an ISO, you also usually get a checksums file, like SHA256SUMS. This file contains the hashes of the ISO files. If someone alters the ISO, the hash changes, but attackers can also upload fake SHA256SUMS files with new hashes. That's where the signed SHA256SUMS comes in. It's signed with the official key, meaning if it doesn't match up, the hash is invalid, and you can be sure it’s not legit!
The risk is pretty low since getting the publisher's private key is very difficult. It's stored securely away from the file, typically on the developers’ devices. If a malicious entity were to do this, they would likely need access to the signing key, which isn’t usually easy to obtain.
If the ISO is altered, the signature no longer verifies. Your concern about supply chain attacks is valid, but that's why public keys are set up to prevent tampering. Only the original authors should have their private keys, making mass alterations unlikely.
Basically, if the ISO changes, the original .sig file will no longer match the modified ISO file, causing the verification to fail. If the attacker manages to change both but the .sig matches the new ISO, verification will fail against the publisher's public key since they don't have access to the private key that signed the original.

I see now! I wasn't aware the .sig is actually a signature for the checksum. That clears things up for me, thanks!
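The checks the answers describe, as an added example that is not part of the original thread: a signed SHA256SUMS file is verified against an already-trusted public key, then the ISO hash is compared with the signed entry, across three tampering cases. Assumptions: textbook RSA over Mersenne primes stands in for GPG (a toy, not secure), and the file name, byte strings and keys are constructed sample data.

```python
import hashlib

def make_key(p, q, e=65537):
    # Toy textbook-RSA key pair (stand-in for a GPG key; NOT secure).
    n = p * q
    return {"pub": (n, e), "priv": (n, pow(e, -1, (p - 1) * (q - 1)))}

def digest_int(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, priv):
    n, d = priv
    return pow(digest_int(data, n), d, n)

def sig_ok(data, sig, pub):
    n, e = pub
    return pow(sig, e, n) == digest_int(data, n)

def sums_line(name, blob):
    # Same layout as a SHA256SUMS entry: "<hex digest>  <file name>"
    return f"{hashlib.sha256(blob).hexdigest()}  {name}\n".encode()

def verify_download(iso, name, sums, sig, trusted_pub):
    # Step 1: was SHA256SUMS signed by the key we already trust?
    if not sig_ok(sums, sig, trusted_pub):
        return "bad signature on SHA256SUMS"
    # Step 2: does the ISO hash match the entry in the signed file?
    expected = dict(reversed(l.split("  ", 1)) for l in sums.decode().splitlines())
    if expected.get(name) != hashlib.sha256(iso).hexdigest():
        return "checksum mismatch"
    return "ok"

# Constructed sample data: two key pairs, a genuine and a tampered image.
PUBLISHER = make_key(2**127 - 1, 2**89 - 1)
ATTACKER = make_key(2**107 - 1, 2**61 - 1)
NAME, GOOD_ISO, EVIL_ISO = "distro.iso", b"genuine image", b"backdoored image"
GOOD_SUMS, EVIL_SUMS = sums_line(NAME, GOOD_ISO), sums_line(NAME, EVIL_ISO)
GOOD_SIG = sign(GOOD_SUMS, PUBLISHER["priv"])

def scenarios():
    pub = PUBLISHER["pub"]  # obtained out of band, never from the mirror
    forged = sign(EVIL_SUMS, ATTACKER["priv"])
    return {
        "untampered": verify_download(GOOD_ISO, NAME, GOOD_SUMS, GOOD_SIG, pub),
        "iso swapped": verify_download(EVIL_ISO, NAME, GOOD_SUMS, GOOD_SIG, pub),
        "iso+sums swapped": verify_download(EVIL_ISO, NAME, EVIL_SUMS, GOOD_SIG, pub),
        "attacker re-signed": verify_download(EVIL_ISO, NAME, EVIL_SUMS, forged, pub),
    }

if __name__ == "__main__":
    for case, result in scenarios().items():
        print(f"{case:20} -> {result}")
```

Every tampered case is rejected only because `trusted_pub` is fixed in advance; a public key fetched from the same place as the ISO would give no such guarantee.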