https://bugzilla.wikimedia.org/show_bug.cgi?id=60832

       Web browser: ---
            Bug ID: 60832
           Summary: Better hashing for IP addresses on Event Logging
           Product: Analytics
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: Unprioritized
         Component: General/Unknown
          Assignee: wikibugs-l@lists.wikimedia.org
          Reporter: nu...@wikimedia.org
                CC: christ...@quelltextlich.at, dvanli...@gmail.com,
                    tneg...@wikimedia.org
    Classification: Unclassified
   Mobile Platform: ---

The current behavior when hashing IP addresses on Event Logging is to generate
a 'salt' (really a key) at runtime and to use it continuously for the lifetime
of the program. The lifespan of the key and the cheapness of the hash function
make it easier to attack.

Per the security team's request we should be making EventLogging scramble IPs
by generating an HMAC SHA1 with the IP address as the message and a random byte
string as the key. The key rotates every 90 days.

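The scheme requested above, sketched as an added example (not part of the bug report and not EventLogging's own code): HMAC-SHA1 over the IP address under a random in-memory key that is replaced after 90 days. The class name, the 64-byte key length, the injectable `clock`/`keygen` parameters and the address canonicalization step are assumptions.

```python
import hashlib
import hmac
import ipaddress
import os
import time

ROTATION_SECONDS = 90 * 24 * 60 * 60  # 90-day key lifetime from the bug report
KEY_BYTES = 64  # assumption: key length equal to the SHA-1 block size


class RotatingIPHasher:
    """Hypothetical helper: HMAC-SHA1 of an IP under a key replaced every 90 days."""

    def __init__(self, clock=time.time, keygen=os.urandom):
        self._clock = clock      # injectable so rotation can be tested
        self._keygen = keygen    # must return cryptographically random bytes
        self._key = None
        self._expires = 0.0

    def _current_key(self):
        now = self._clock()
        if self._key is None or now >= self._expires:
            # The previous key is dropped, not archived, so tokens from
            # different 90-day periods cannot be linked or recomputed.
            self._key = self._keygen(KEY_BYTES)
            self._expires = now + ROTATION_SECONDS
        return self._key

    def scramble(self, ip):
        # Assumption: canonicalize first so equivalent spellings of one
        # address yield one token; malformed input raises ValueError.
        message = ipaddress.ip_address(ip).compressed.encode("ascii")
        return hmac.new(self._current_key(), message, hashlib.sha1).hexdigest()


if __name__ == "__main__":
    fake_now = [0.0]  # constructed clock for the demo
    hasher = RotatingIPHasher(clock=lambda: fake_now[0])
    first = hasher.scramble("192.0.2.7")  # constructed documentation address
    print(first == hasher.scramble("192.0.2.7"))   # same key period
    fake_now[0] += ROTATION_SECONDS
    print(first == hasher.scramble("192.0.2.7"))   # after rotation
```

Because the key lives only in memory, a process restart also replaces it, which shortens a key's lifetime but never extends it past 90 days.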