[Catalyst] Re: Encrypt /Decrypt URI
A. Pagaltzis
pagaltzis at gmx.de
Sat May 19 11:10:38 GMT 2007
* Bill Moseley <moseley at hank.org> [2007-05-18 20:50]:
> Using md5s for images, as in your example, is fine. But if the
> images really needed to be protected then that scheme is purely
> security by obscurity.
Yes – as soon as one user has found an image, he has a working
link and everyone else can see it. This is the “obscurity is no
security” aspect: once broken, forever broken.
However, you neglect that by allocating IDs randomly in a 128-bit
space rather than as a monotonically increasing sequence in a
space probably around 9–14 bits, it becomes disproportionately
less likely that a user will find an image in the first place
before they can share it with the world.
On average it takes about 34 orders of magnitude more attempts to
make a successful guess in a 128-bit space than a 14-bit one. If
the entities being hidden aren’t very critical, I might even stop
there.
In case of these guys with their images, there was a contractual
obligation, so I’d definitely go for a stronger defense. But as
a quick fix, this was a pretty decent first move, and I’d say
it’s rather hard to argue that hashing the filenames was a *bad*
idea for them.
Regards,
--
Aristotle Pagaltzis // <http://plasmasturm.org/>