You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@flume.apache.org by "Ralph Goers (Jira)" <ji...@apache.org> on 2022/03/10 05:41:00 UTC
[jira] [Commented] (FLUME-3406) Inflight events in file channel should not be using MD5 for integrity purposes
[ https://issues.apache.org/jira/browse/FLUME-3406?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17504010#comment-17504010 ]
Ralph Goers commented on FLUME-3406:
------------------------------------
The MD5 is not being used for cryptographic usage and so security concerns are irrelevant. It is used simply to verify that what was read from the checkpoint matches what was written. However, what is important is the speed of calculating the hash. [hash function benchmark|https://github.com/greenrobot/essentials/blob/master/web-resources/hash-functions-benchmark.pdf] identifies several algorithms that are much faster. A [comparison|https://automationrhapsody.com/md5-sha-1-sha-256-sha-512-speed-performance/] of MD5, SHA-1, SHA-256, and SHA-512 indicates they are slower than MD5 and would not be a good choice here.
> Inflight events in file channel should not be using MD5 for integrity purposes
> ------------------------------------------------------------------------------
>
> Key: FLUME-3406
> URL: https://issues.apache.org/jira/browse/FLUME-3406
> Project: Flume
> Issue Type: Improvement
> Components: File Channel
> Reporter: Matt Sicker
> Priority: Major
>
> FlumeEventQueue's inner class InflightEventWrapper uses MD5 for calculating a digest of inflight events. MD5 has been considered unsuitable for cryptographic usage such as for integrity checks for many years now. This should migrate to SHA-256 at least.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@flume.apache.org
For additional commands, e-mail: issues-help@flume.apache.org