Page MenuHomePhabricator
Create Task
Maniphest T62832

Better hashing for IP addresses on Event Logging
Closed, ResolvedPublic
Actions

Description

The current behavior when hashing IP addresses on Event Logging is to generate a 'salt' (really a key) at runtime and to
use it continuously for the lifetime of the program. The lifespan of the key
and the cheapness of the hash function make it easier to attack.

Per security's team request we should be making EventLogging scramble IPs by generating an HMAC SHA1 with the IP address
as the message and a random byte string as the key. The key rotates every 90
days.

Version: unspecified
Severity: normal

Details

Reference
bz60832

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 22 2014, 2:53 AM
bzimport added a project: Analytics-General-or-Unknown.
bzimport set Reference to bz60832.
bzimport added a subscriber: Unknown Object (MLST).
Nuria created this task.Feb 4 2014, 3:38 PM
bzimport added a comment.Feb 4 2014, 3:40 PM

bingle-admin wrote:

Prioritization and scheduling of this bug is tracked on Mingle card https://wikimedia.mingle.thoughtworks.com/projects/analytics/cards/cards/1430

Nuria added a comment.Apr 21 2014, 9:17 PM

Changes to this regard were already done. This bug can be closed.

Nuria added a comment.Apr 21 2014, 9:18 PM

Pertinent changeset: https://gerrit.wikimedia.org/r/#/c/110700/

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL