Protect against attacks. #144
An attacker can prevent new items from being admitted to the cache by artificially raising the frequency of the victims. This PR implements a strategy used in Caffeine to occasionally let items that would otherwise be rejected.
// hash collision attacks, in which the score of the victims is artificially | ||
// raised so that no new items are admitted into the cache. | ||
// This strategy is implemented by Caffeine. | ||
if incHits < minHits && !(rand.Int() % 127 == 0) { |
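Review bot: in the `if` on the last line, the constant 127 is a magic number and the comment above it does not say what admission rate it produces; name the constant or state in the comment that about 1 in 127 otherwise-rejected items is let through. The double negative `!(rand.Int() % 127 == 0)` would also read more plainly as `rand.Int()%127 != 0`.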
You can replace the modulus `%` with a bitmask `&`. This was why 127 was chosen (2^n - 1) so that we could avoid the division at ~1% acceptance rate. The division vs mask was perhaps an over-optimization in this code path, though!
Due to using random eviction, you currently are not impacted by this attack. Caffeine is because LRU is a deterministic algorithm. However I think having some protection is good regardless since it is cheap and documented if you refactor away from random eviction someday.
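The admission escape discussed in this thread, written with the bitmask form suggested in the comment above, as an added example (not code from the PR or from Caffeine). The names `admit`, `simulate`, `admitMask` and `newRNG`, the victim count of 15 and the fixed seed are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"math/rand"
)

// admitMask is 2^7 - 1 (hypothetical name): r&admitMask == 0 holds for
// 1 in 128 values of r (about 0.8%) and needs no division.
const admitMask = 127

// admit reports whether a candidate may replace the sampled victim.
// A candidate that loses the frequency comparison is still let through
// when the low seven bits of r are zero, so victims whose counters were
// inflated cannot block admission indefinitely.
func admit(candidateHits, victimHits int64, r int) bool {
	if candidateHits >= victimHits {
		return true
	}
	return r&admitMask == 0
}

// newRNG returns a seeded source so the simulation is repeatable.
func newRNG(seed int64) *rand.Rand { return rand.New(rand.NewSource(seed)) }

// simulate offers n cold candidates (1 hit each) against victims whose
// counters have been driven up to victimHits, and counts admissions.
// jitter=false models the policy without the random escape.
func simulate(n int, victimHits int64, jitter bool, rng *rand.Rand) int {
	admitted := 0
	for i := 0; i < n; i++ {
		r := 1 // low bits non-zero: never triggers the escape
		if jitter {
			r = rng.Int()
		}
		if admit(1, victimHits, r) {
			admitted++
		}
	}
	return admitted
}

func main() {
	rng := newRNG(1) // constructed, fixed seed
	fmt.Println("admitted without jitter:", simulate(100000, 15, false, rng))
	fmt.Println("admitted with jitter:   ", simulate(100000, 15, true, rng))
}
```

Without the escape no cold item is ever admitted against the inflated victims; with it, roughly 0.8% of them get in.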
@martinmr What's the status of this? Do we still need it?
Reviewable status: 0 of 1 files reviewed, 1 unresolved discussion (waiting on @jarifibrahim, @karlmcguire, @manishrjain, and @martinmr)
Closing this ticket since it's not a required feature.
Fixes #131