From: Tim Newsham <newsham@lava.net>
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Subject: Re: [9fans] In case anyone worries about block hash collision in venti
Date: Sun, 7 Feb 2010 06:54:20 -1000 [thread overview]
Message-ID: <Pine.BSI.4.64.1002070649520.5454@malasada.lava.net> (raw)
In-Reply-To: <78b9710340a6345eac9f8690d306e1bb@brasstown.quanstro.net>
>> Sorry, this is all bunk. You shouldn't be worried about
>> an accidental collision. You should be worried about
>> an intentional collision. Especially if your filesystem
>> stores data that is under the attackers control such as
>> email messages, web page caches, etc. So what you need
>> to analyze isn't how often an accidental collision happens
>> but how hard it is to create an intentional collision.
>> All the popular hash algorithms have been losing ground to
>> attackers lately.
>
> can you make this a little more concrete? i'm having trouble
> understanding how a email that an attacker controls is
> a problem. assuming the attacker can predict the headers
> add well enough, this implies that the attacker, given access to
> your venti, can retrieve an email said attacker sent. where's
> the problem? i don't see it yet.
OK, lets assume that the attacker has the most powerful attack
against a hash available in which he can construct a garbage
block of data (perhaps with some control of its content) that
hashes to a value of his choosing. Now he predicts some data
that is likely to be written to your filesystem soon (say a
brand knew pull update that you havent pulled yet), makes
an email that has a data block in it that collides with that
block, sends that email to you. Your filesystem stores it.
Later you do a pull and venti notices that you don't have to
store one of the blocks because it already has a block stored
with that same hash. Now one of your files is corrupt.
Now in actuality an attacker probably doesn't have this strong
of an attack against your hash right now. But he might have
much weaker attacks that he can use creatively to cause some
collisions that lead to corruption of data. These attacks would
be much harder, but with enough creativity you can do some
intersting things. For example, see:
http://www.win.tue.nl/hashclash/rogue-ca/
> - erik
Tim Newsham | www.thenewsh.com/~newsham | thenewsh.blogspot.com
next prev parent reply other threads:[~2010-02-07 16:54 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-02-06 18:47 maht
2010-02-06 23:42 ` Tim Newsham
2010-02-07 4:47 ` erik quanstrom
2010-02-07 16:54 ` Tim Newsham [this message]
2010-02-07 17:44 ` erik quanstrom
2010-02-07 19:12 ` Don Bailey
2010-02-07 19:24 ` Nathaniel W Filardo
2010-02-07 22:08 ` matt
2010-02-08 23:37 ` Nathaniel W Filardo
2010-02-09 13:13 ` hiro
2010-02-09 13:50 ` ron minnich
2010-02-09 14:54 ` erik quanstrom
2010-02-07 20:03 ` Tim Newsham
2010-02-08 21:58 ` Georg Lehner
2010-02-07 20:21 ` [9fans] In case anyone worries about block hash collision in Lyndon Nerenberg (VE6BBM/VE7TFX)
2010-02-07 20:31 ` erik quanstrom
2010-02-07 20:57 ` Lyndon Nerenberg (VE6BBM/VE7TFX)
2010-02-07 23:25 ` Akshat Kumar
2010-02-08 0:37 ` Russ Cox
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Pine.BSI.4.64.1002070649520.5454@malasada.lava.net \
--to=newsham@lava.net \
--cc=9fans@9fans.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).