zaqar

MongoDB: Use a secure hash function in lieu of crc32

Bug #1328722 reported by Kurt Griffiths on 2014-06-10

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	zaqar	Won't Fix	Medium	Unassigned

Bug Description

Since we expect operators to only use a small number of partitions (2-4), it was thought that CRC32 would provide a reasonably even distribution. An attacker may be able to create many queues, named is such a way that they end up on the same partition.

We need to assess this threat and decide if it is worth changing to a different hash, or abandoning the idea of partitioning across DBs altogether. If we do this, we will need to provide a way for operators to migrate their existing users.

See also: https://github.com/openstack/marconi/blob/master/marconi/queues/storage/mongodb/utils.py#L240

See original description

Kurt Griffiths (kgriffs) on 2014-06-10

description:

updated

Kurt Griffiths (kgriffs) on 2014-06-12

description:

updated

Revision history for this message

Kurt Griffiths (kgriffs) wrote on 2014-06-26:

Worst case, an attacker can force everything to the same DB. Since partitioning only provides a minor performance boost, the worst-case scenario would only slightly degrade system performance, and so isn't very useful for a DDoS.

no longer affects:

marconi/juno

Kurt Griffiths (kgriffs) on 2014-07-10

Changed in marconi:
status:	Triaged → Won't Fix

Thierry Carrez (ttx) on 2014-07-10

Changed in marconi:
milestone:	juno-2 → none

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.