Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:96058
Return-Path: <fsb@thefsb.org>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 42488 invoked from network); 21 Sep 2016 13:51:48 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 21 Sep 2016 13:51:48 -0000
Authentication-Results: pb1.pair.com smtp.mail=fsb@thefsb.org; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=fsb@thefsb.org; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain thefsb.org designates 173.203.187.67 as permitted sender)
X-PHP-List-Original-Sender: fsb@thefsb.org
X-Host-Fingerprint: 173.203.187.67 smtp67.iad3a.emailsrvr.com  
Received: from [173.203.187.67] ([173.203.187.67:44419] helo=smtp67.iad3a.emailsrvr.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 5E/D5-04117-27092E75 for <internals@lists.php.net>; Wed, 21 Sep 2016 09:51:47 -0400
Received: from smtp25.relay.iad3a.emailsrvr.com (localhost [127.0.0.1])
	by smtp25.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id D293E2027C;
	Wed, 21 Sep 2016 09:51:43 -0400 (EDT)
X-Auth-ID: fsb@thefsb.org
Received: by smtp25.relay.iad3a.emailsrvr.com (Authenticated sender: fsb-AT-thefsb.org) with ESMTPSA id B99DE2020E;
	Wed, 21 Sep 2016 09:51:43 -0400 (EDT)
X-Sender-Id: fsb@thefsb.org
Received: from yossy.local (c-66-30-62-12.hsd1.ma.comcast.net [66.30.62.12])
	(using TLSv1.2 with cipher DHE-RSA-AES128-SHA)
	by 0.0.0.0:587 (trex/5.7.7);
	Wed, 21 Sep 2016 09:51:43 -0400
To: Stanislav Malyshev <smalyshev@gmail.com>
References: <CAKws9z2EWkNNhM7tOMh-_pQ3iLjVj7hbXTB1Hh3a19utPzj-9A@mail.gmail.com>
 <e741fec3-b301-647c-b24c-dec2fa92554c@gmail.com>
 <7d5727ba-da33-e3c5-1d1f-318c45d81616@cubiclesoft.com>
 <CAKws9z38_QhH8rnshJu=SP1Aav7jhMnVR2H992+Lse7iMeQ3oA@mail.gmail.com>
 <ffc669b5-8764-3879-0c5a-d047d75c9b45@gmail.com>
 <CAGa2bXYad=5CNKUR4GTR-uB8L1Gb-2CJk5Fiperz5D_CTL+rxw@mail.gmail.com>
 <CAKws9z3kP+MRXbAdWW2DCdFNj61v_t=paW4ThjrUYy25hQFRAg@mail.gmail.com>
 <4ad4abc8-9605-fb8d-14ec-49fdbaf8b562@gmail.com>
Cc: PHP Internals <internals@lists.php.net>
Message-ID: <d424d26a-6b77-104b-8246-4fcdba8ebb36@thefsb.org>
Date: Wed, 21 Sep 2016 09:51:32 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:45.0)
 Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <4ad4abc8-9605-fb8d-14ec-49fdbaf8b562@gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [PHP-DEV] HashDoS
From: fsb@thefsb.org (Tom Worster)

On 9/20/16 10:25 PM, Stanislav Malyshev wrote:
> Note that to avoid problems with opcache we can only randomize on
> initial boot (even then synchronizing among different processes sharing
> opcache may be challenging). That means that the process would be
> running for extended time (at least days, in theory as long as uptime
> allows) with the same seed. Given that, I'm not sure how much
> randomization would really improve.

While randomization doesn't eliminate the problem, isn't it still a 
valid complication for attackers? If everybody's PHP instance is running 
with a different hash key, that's harder to attack than if than if they 
all have the same key, even if the key isn't frequently changed.

It reminds me of when Logjam was in the news and we realized it wasn't 
smart for everyone to use the same default DH primes.

Tom