[openstack-dev] [Glance][Security] Secure Hash Algorithm Spec

Jay Pipes jaypipes at gmail.com
Fri Sep 29 16:31:21 UTC 2017 

On 09/29/2017 06:19 AM, Luke Hinds wrote:
> On Thu, Sep 28, 2017 at 8:38 PM, McClymont Jr, Scott 
> <scott.mcclymont at verizonwireless.com 
> <mailto:scott.mcclymont at verizonwireless.com>> wrote:
> 
>     Hey All,
> 
>     I've got a spec up for a change I want to implement in Glance for
>     Queens to enhance the current checksum (md5) functionality with a
>     stronger hash algorithm. I'm going to do this in such a way that it
>     is easily altered in the future for new algorithms as they are
>     released.  I'd appreciate it if someone on the security team could
>     look it over and comment. Thanks.
> 
>     Review: https://review.openstack.org/#/c/507568/
>     <https://review.openstack.org/#/c/507568/>
> 
> 
> +1 , thanks for undertaking this work. Strong support from the security 
> projects side.
> 
> Would be good to see all projects move on from MD5 use now, its been 
> known to be insecure for sometime and clashes with FIPS-142 compliance.

In the case of Glance's use of MD5 for checksums, it is used to identify 
whether a particular array of bytes that represents an image has 
changed. The client uploads a bytestream to Glance, which does a rolling 
checksum of that byte data for each chunk received and writes the 
checksum to the database upon completion of the upload.

That checksum number never changes since Glance images are immutable 
once uploaded.

Can someone please inform me how changing the checksum algorithm for 
this operation to SHA-1 or something else would improve the security of 
this operation?

As someone who recently had to go through thousands of (mostly bogus) 
entries in a spreadsheet generated from the Bandit "security scanning 
tool", I'd like to ask that we approach these kinds of things with some 
common sense and not just as a checking-the-box-off activity.

md5 is used in a number of places in many OpenStack services, and often 
those uses have nothing to do with cryptography. Rather, in those cases 
md5 is used as a simple mechanism to generate a hash from a name. [1]

All I ask is that we don't have an army of people going out and 
replacing blindly all uses of the MD5 algorithm everywhere, since (as I 
learned recently) that will just lead to a lot of busywork for little gain.

Best,
-jay

[1] https://github.com/openstack/nova/blob/master/nova/utils.py#L1067

More information about the OpenStack-dev mailing list