Open Stack

On 2019-04-14 00:53:47 +0200 (+0200), Thomas Goirand wrote:
> On 4/12/19 8:06 PM, Jeremy Stanley wrote:
> > On 2019-04-12 09:27:35 -0500 (-0500), Sean McGinnis wrote:
> > [...]
> >> Hmm, according to the spec, Nova verifies those checksums as of Mitaka [0].
> >> Though Cinder did not get the same enforcement until Rocky [1].
> >>
> >> [0] https://specs.openstack.org/openstack/nova-specs/specs/mitaka/implemented/image-verification.html
> >> [1] https://specs.openstack.org/openstack/cinder-specs/specs/rocky/support-image-signature-verification.html
> >>
> >> (And specs are always 100% accurate, right?)
> > 
> > Neat, I had no idea that had improved in the past few years. At any
> > rate, my main point still stands: if you don't trust the operators
> > of that environment then the checksums are pure theater, since they
> > could disable checksum validation or even just serve you a
> > completely fictional hash from the catalog.
> 
> If you believe your host is capable of such things, you probably
> should go somewhere else.

Yes, that was my point in a nutshell. (Well, s/capable/guilty/ as
all operators are *capable* of making these alterations, but we
mostly expect them to be honest enough not to.) Image checksums
reported by the API are no guarantee, regardless of whether they're
MD5 or SHA2-512. Either you trust your provider hasn't made
alterations or you don't. It's far easier to just fake the checksum
in the API than it is to engineer an MD5 hash collision a la second
preimage attack, so the fact that the MD5 algorithm is considered
cryptographically "weak" these days means very little in this
context.
-- 
Jeremy Stanley
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20190414/67034d29/attachment.sig>