Methods to Prove Data Authenticity from Potentially Compromised Sources?

I’ve been thinking about this problem for some time and I wanted to ask if there are any known methods, or research papers, about how to prove "authenticity" or correctness of data originating from a potentially compromised source (remote server, process, etc). Specifically what I’ve been imagining is say you have service A and service B, service B sources data from A but is worried that A has been compromised such that even if data is signed by A, B can’t trust that it was generated by code written by A‘s developers. Is it possible for B to prove to itself that data from A is authentic, that it was indeed generated by the expected code and not injected or generated by an attacker who has compromised A?

One solution I’ve been thinking about is using a sort of distributed ledger or blockchain so that multiple nodes compute the same data, and in doing so raises the bar such that an attacker would have to compromise N% of the services producing the needed data, this provides naturally replication and I can use an appropriate consensus protocol, but ofc introduces some overhead, efficiency concerns, and I would need to think hard about side-effects being performed more than once.

If there is only one node possible of generating data, such as a sensor node, and it is compromised, I’d imagine all hope is lost, but I also wouldn’t be surprised if there is some clever crypto scheme that attempts to solve this problem as well.

I hope it’s clear as to what the question is, thank you.

Is a SHA checksum enough to verify integrity and authenticity?

This is a broader question but here a concret example:

From https://www.apache.org/info/verification.html :

File hashes are used to check that a file has been downloaded correctly. They do not provide any guarantees as to the authenticity of the file.

I don’t understand this part: They do not provide any guarantees as to the authenticity of the file.

The checksum used is from a trusted HTTPS source (Eg: https://downloads.apache.org/tomcat/tomcat-8/v8.5.56/bin/apache-tomcat-8.5.56.zip.sha512).

How a file can not be authentic if it match a checksum from a HTTPS trusted source?

Or do I miss something and I still need to validate with a GPG key?

Proving authenticity of data accessed over TLS by an untrusted third party

Is there any way an untrusted third party who has access to content from a website over HTTPS can prove the authenticity of the data (i.e. that it was distributed by a server in possession of a specific TLS private key)? The way TLS works makes it such that a packet capture and copy of the master key is insufficient to prove authenticity, since the HMAC key is derived from the master key, which makes it possible to forge the message. Because the third party is untrusted, having them verify the TLS themselves then endorse the authenticity by digitally signing the material is not a solution either.

I’m pretty sure there is no solution under these constraints, but there may be something I missed.

How can I protect the confidentiality, integrity and authenticity of my communication if I am victim of a Man-in-the-Middle attack?

Imagine a scenario where my ISP attempts to use a Man-in-the-Middle attack against me to read and possibly modify my internet traffic.

What can I do to access the internet and still ensure that my traffic remains confidential and integer?

Furthermore, are there techniques I can employ to make it more difficult for the ISP to notice that I am trying to evade their Man-in-the-Middle attack?

Proving Authenticity of Emails from Office 365 [on hold]

I have a situation where the authenticity of emails sent and received to an Office 365 account is being questioned. The claim is that the email conversation (a back and forth of about a dozen emails) was either created through software to make it appear to be between the two parties or the contents of the emails themselves were after the fact altered. I know for a fact that the emails were sent and received by the claimed two parties and that no alterations were made in any way to the contents. Perhaps relevant to the suggestion that the contents of the emails were altered, the emails (about a dozen) were sent in reply to each other (so the second email contained the first, the third contained the second and first etc.). The level of changes suggested to have been made would mean it would be immediately obvious to the receiver if they scrolled down that the chain underneath was substantially different to what they had previously authored.

Forensically, what can be done to prove (or if not provable, provide evidence in support of) the authenticity/non-spoofed nature of this email trail?

I have already pasted the headers into two online services (Microsoft and another) and they appear to provide confirmation that the servers used were as would be expected in an authentic back and forth. With respect to the headers though, it would/could be argued that they were simply altered to reflect an authentic trail – is that something that is easy or possible to do?

I could pull the logs from the Office 365 side – again, is it easy or possible to simply modify those log files to reflect an authentic trail?

The broader question, with only detailed access to one side of the communication (the Office 365 side), is there a way to be able to make an assertion that the email communications were consistent with the way they are presented and not representative of a spoofed/altered trail?

My forensic skills are limited, however I am able to access any files and information (e.g. headers) necessary from the Office 365 end. I also know certain details about the other end that may be able to help in confirming authenticity.

Any interest in helping me arrive at a decision as to confirming or otherwise the authenticity of these emails is greatly appreciated.

Confidentiality and Authenticity of the Key in a Key-Value Store

What, if anything, can be used to provide confidentiality and authenticity guarantees for the storage keys used to store data in a key-value store?

To be clear what I mean by the storage keys – I mean the “key” in “key-value” store – I do not mean an encryption key.

The key-value store is something like Amazon S3 and is not trusted.

The storage keys have to be considered to be just as sensitive as the value objects.

But the storage keys are used to retrieve data from the store so they must also have a construction which is repeatable.

I’m using PHP and libsodium (via ParagonIE’s Halite) to encrypt the data and ideally I would use the same library to construct the storage keys.

A related question mentions HMAC, but I don’t know if that is useful.

Checking authenticity of a mobile app (digital staff card)

I’ve been asked to implement a digital card for member’s of our organisation, to replace the old plastic ones. Members would install our app on their phone and setup a “card” with their photo on it within the app. Once setup they could not change the photo.

Then when coming onsite they may get asked to show their card by opening the app and showing the security team the card screen in their app.

The security team of course needs some way to check that they are looking at the real app and not a photo-shopped screenshot or another app made to look like ours if they get suspicious.

I was thinking perhaps using the TOTP algorithm like Google Authenticator does to display a series of codes on the staff members card screen might work. Security staff could then enter the codes on their phone to verify them against the server and see if it was legit.

This wouldn’t be completely secure though of course as I’m sure there are ways for someone to steal the secret key from the phone and make use of it but perhaps it would be difficult enough? This isn’t super top secret stuff so just making it hard enough should suffice.

Does anyone have experience or ideas with ways to ensure authenticity of a digital card (app) that might work?

Thanks!

Ensuring Initial Authenticity

I want to preface this by saying I have no practical experience in security and I am just starting. So if at anytime I am misunderstanding or simply wrong about something, please let me know!

I think I understand how Asymmetrical encryption works and how it ensures confidentiality and integrity by way of encryption and authenticity (assuming you have it from the start) by way of using the private key to sign your transmissions. What I don’t understand is how you can ensure authenticity from the start when multiple computers who may have never communicated with each other before start exchanging their public keys. How can you ensure those initial public keys are not tampered with by a machine in the middle?

Confused about GitHub’s GPG key association and authenticity

I’m not sure I understand GPG, and something on GitHub has left me wondering.

In git, a GPG private key can then be used to sign commits, which allows someone who is in possession of the public key of the committer to verify the signature. If they know that the public key does indeed belong to the committer, then they can verify the commit authenticity.

By my understanding, the public key is public and it should be considered that anyone could have a copy of it.

In GitHub, it is possible to associate a public GPG key with an account by adding it through the settings, which will then display the commits as Verified, here’s an example.

enter image description here

In addition, GitHub API exposes the GPG keys, here’s an example.

There is something I am confused about though. Since all GPG public keys are supposed to be public, wouldn’t it mean that anyone in possession of my public key could associate it with their account even if they are not in possession of the private key, and therefore the Verified status does not provide authenticity?