Security/Features/Content Hashing/Spec: Difference between revisions
Line 5: | Line 5: | ||
=Use cases= | =Use cases= | ||
= Technical issues = | |||
== External elements update == | |||
=Potential security issues= | |||
== Second image collision attack == | |||
An attacker can potentially create a hash collision between a specially crafted file and a well known file if the hashing algorithm is weak. | |||
MD5 must be avoided at all cost. | |||
== Integrity == | |||
Using the hash as an integrity mechanism is tricky because it can be delivered over HTTP. In this case a Man in the Middle attack can be performed. | |||
Communicate this limitations to user and developer is tricky. | |||
= Previous work == | |||
Previous work on the subject: | |||
* http://wiki.whatwg.org/wiki/Link_Hashes | |||
* http://www.gerv.net/security/link-fingerprints/ |
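Review bot: The added heading "= Previous work ==" has unbalanced markup (one opening "=", two closing), so it renders with a stray "=" rather than as a clean top-level section; use "= Previous work =". In the "Second image collision attack" section, the attack described (crafting a file whose hash matches that of a well known file) is normally called a second preimage attack, and the text rules out MD5 without naming any acceptable algorithm; listing the permitted ones would make the requirement actionable. In the Integrity section, "Communicate this limitations to user and developer" should read "Communicating this limitation to users and developers".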
Revision as of 22:12, 15 July 2011
Specification
The content hashing mechanism aims to improve browser caching performance and to give websites a means of enforcing the integrity of their external resources.
Use cases
Technical issues
External elements update
Potential security issues
Second image collision attack
If the hashing algorithm is weak, an attacker can potentially create a hash collision between a specially crafted file and a well-known file. MD5 must be avoided at all costs.
Integrity
Using the hash as an integrity mechanism is tricky because the hash itself can be delivered over HTTP. In that case a man-in-the-middle attack can be performed, since the attacker can replace the hash along with the resource. Communicating this limitation to users and developers is tricky.
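The two issues above, expressed as a check a client could run before trusting a hashed resource. This is an added example, not part of the specification: the "<algorithm>:<hex digest>" hash format, the algorithm allowlist and every name in it (checkResource, hashScheme and so on) are assumptions made for illustration.

```javascript
// Added example. The "<algorithm>:<hex digest>" format and all names are assumptions.
const nodeCrypto = require('node:crypto');

// Allowlist chosen for this example; MD5 falls outside it and is refused.
const STRONG_ALGORITHMS = new Set(['sha256', 'sha384', 'sha512']);

function parseDeclaredHash(declared) {
  const m = /^([a-z0-9]+):([0-9a-f]+)$/i.exec(String(declared).trim());
  return m ? { algorithm: m[1].toLowerCase(), digest: m[2].toLowerCase() } : null;
}

// declaredHash: hash attached to the reference to the external resource
// hashScheme:   'http' or 'https', how the document carrying the hash arrived
// body:         Buffer with the bytes actually fetched
function checkResource({ declaredHash, hashScheme, body }) {
  const parsed = parseDeclaredHash(declaredHash);
  if (!parsed) {
    return { accept: false, integrity: false, reason: 'malformed hash' };
  }
  if (!STRONG_ALGORITHMS.has(parsed.algorithm)) {
    return { accept: false, integrity: false, reason: 'weak or unknown algorithm' };
  }
  const actual = nodeCrypto.createHash(parsed.algorithm).update(body).digest();
  const expected = Buffer.from(parsed.digest, 'hex');
  if (!actual.equals(expected)) {
    return { accept: false, integrity: false, reason: 'digest mismatch' };
  }
  // A match proves integrity only if the hash came over an authenticated
  // channel. Over plain HTTP, whoever can alter the body can alter the hash.
  if (hashScheme !== 'https') {
    return { accept: true, integrity: false,
             reason: 'hash delivered over HTTP: usable for cache lookup only' };
  }
  return { accept: true, integrity: true, reason: 'verified' };
}

// Constructed sample input.
const sampleBody = Buffer.from('constructed sample script body');
const sampleHash = 'sha256:' +
  nodeCrypto.createHash('sha256').update(sampleBody).digest('hex');
for (const scheme of ['https', 'http']) {
  console.log(scheme, checkResource({ declaredHash: sampleHash, hashScheme: scheme, body: sampleBody }));
}
console.log('md5', checkResource({ declaredHash: 'md5:' + '0'.repeat(32), hashScheme: 'https', body: sampleBody }));
```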
Previous work
Previous work on the subject:
* http://wiki.whatwg.org/wiki/Link_Hashes
* http://www.gerv.net/security/link-fingerprints/