Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240926191139.GA9140@openwall.com>
Date: Thu, 26 Sep 2024 21:11:39 +0200
From: Solar Designer <solar@...nwall.com>
To: LinkinStar <linkinstar@...che.org>
Cc: oss-security@...ts.openwall.com
Subject: Re: CVE-2024-40761: Apache Answer: Avatar URL leaked user email addresses

Hi LinkinStar,

There were several more replies from others, please see in the list
archive if you're not subscribed:

https://www.openwall.com/lists/oss-security/

On Thu, Sep 26, 2024 at 10:10:38AM +0800, LinkinStar wrote:
> Because *Gravatar recommends using sha-256*, we believe there must be a
> reason for its modification. Since the official recommendation is to change
> the encryption method, why not implement it according to the official
> requirements? You must admit that sha-256 is more difficult than md5, even
> if only slightly. Although this may not completely solve the problem, I
> believe following the official recommendation would be marginally better,
> wouldn't it? So I think this fix itself is acceptable.

The change is fine - just don't call it a security fix.  Also, this is
hashing and not encryption.

Others pointed out that Gravatar's recommendation is just that - not a
specification - so unless you need interoperability with other servers
implementing Gravatar, you can do better than SHA-256.  Specifically,
use of a keyed hash such as HMAC-SHA256 was suggested and makes sense to
me - as long as the key is generated from a CSPRNG (such as
/dev/urandom) and is large enough (such as 32 bytes).

Alexander

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.