[OpenSER-Devel] core_hash - reliability
Henning Westerholt
henning.westerholt at 1und1.de
Mon Feb 4 10:07:06 UTC 2008
On Wednesday 16 January 2008, Carsten Bock wrote:
> i have a question regarding the core_hash-function from the
> OpenSER-Core:
> - how collision safe is the function? We currently use this function
> over the Call-ID and with MAX_INT as Hash-Size to determine different
> dialogs in our system; is it safe? If i read the SIP-RFC, i think i
> should extend it to Call-ID and From / To-Tag...
> - is there any (theoretical) chance, that dialog-matching of the dialog
> module fails? (e.g. if two dialogs have a similar callid and tags?)
Hi Carsten,
As this function hashes to an unsigned int, it is not that really safe.
According to the birthday paradoxon you'll get a collision every 2^(32/2) ~
65k (random) messages. Inclusion of more data sources into this hash value
would not help that much, the only mean of elevating this problem is to
increase the hash size.
This assumes a collision by chance. If you assume a malicious attacker that
tries to exploit your system by targeting this hash function, then this is is
not safe at all. For this use case i would suggest using at least SHA-256, to
get a decent protection against this threat. This is of course more costly in
terms of CPU power then the current used hash.
I can't comment to your second questions, as i don't know many details about
the logic that is used there.
Cheers,
Henning
More information about the Devel
mailing list