mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 06:38:20 +00:00
Switch file UID hashing from md5 to highwayhash.
This commit switches UID hashing from md5 to a highway hash. It also moves the salt value out of the file plugin - and makes it installation-specific instead - it is moved to the global namespace. There now are digest hash functions to make "static" installation-specific hashes that are stable over workers available to everyone; hashes can be 64, 128 or 256 bits in size. Due to the fact that we switch the file hashing algorithm, all file hashes change. The underlyigng algorithm that is used for hashing is highwayhash-128, which is significantly faster than md5.
This commit is contained in:
Johanna Amann
parent
bc546634d1
commit
3bce313b12
153 changed files with 953 additions and 799 deletions
|
|
@ -5262,3 +5262,12 @@ const global_hash_seed: string = "" &redef;
|
|||
## files. The larger the value, the more confidence in UID uniqueness.
|
||||
## The maximum is currently 128 bits.
|
||||
const bits_per_uid: count = 96 &redef;
|
||||
|
||||
## This salt value is used for several message digests in Zeek. We
|
||||
## use a salt to help mitigate the possibility of an attacker
|
||||
## manipulating source data to, e.g., mount complexity attacks or
|
||||
## cause ID collisions.
|
||||
## This salt is, for example, used by :zeek:see:`get_file_handle`
|
||||
## to generate installation-unique file IDs (the *id* field of :zeek:see:`fa_file`).
|
||||
const digest_salt = "Please change this value." &redef;
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue