On 2017-09-29 12:31:21 -0400 (-0400), Jay Pipes wrote: [...] > Can someone please inform me how changing the checksum algorithm > for this operation to SHA-1 or something else would improve the > security of this operation? [...]
The current known flaws in MD5 pretty much boil down to this one potential exploit scenario: As a devious malcontent, I construct two images which are specially engineered to result in the same MD5 checksum (this part alone may not even be possible depending on the nature of the image protocol and its metadata headers, but let's leave that aside for the moment). One image is benign, and the other is malicious in nature. I upload the benign image and get people to trust it. Later I (again, exercise left to the imagination of the reader... leveraging optional external image locations functionality in Glance?) substitute the malicious image and people begin booting it instead, continuing to trust it because it has the same checksum. This example is, of course, contrived and riddled with gaping plot holes; it would never make for a mystery bestseller. Who or what is even validating these checksums to begin with? If you can get people to run images you've uploaded, odds are it's game over anyway regardless of whether or not the checksums change, and the known avenues for that involve either an inside job or dangerous configuration options. The simpler explanation is that people hear "MD5 is broken" and so anyone writing policies and auditing security/compliance just tells you it's verboten. That, and uninformed alarmists who freak out when they find uses of MD5 and think that means the software will be hax0red the moment you put it into production. Sometimes it's easier to just go through the pain of replacing unpopular cryptographic primitives so you can avoid having this same discussion over and over with people whose eyes glaze over as soon as you start to try and tell them anything which disagrees with their paranoid sensationalist media experts. Oh, also, SHA-1 isn't much better in this regard. -- Jeremy Stanley
signature.asc
Description: Digital signature
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
