2015 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) (2015)
Rio de Janeiro, Brazil
June 22, 2015 to June 25, 2015
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/DSN.2015.21
A Bloom filter is a probabilistic hash-based data structure extensively used in software including online security applications. This paper raises the following important question: Are Bloom filters correctly designed in a security context? The answer is no and the reasons are multiple: bad choices of parameters, lack of adversary models and misused hash functions. Indeed, developers truncate cryptographic digests without a second thought on the security implications. This work constructs adversary models for Bloom filters and illustrates attacks on three applications, namely SCRAPY web spider, BITLY DABLOOMS spam filter and SQUID cache proxy. As a general impact, filters are forced to systematically exhibit worst-case behavior. One of the reasons being that Bloom filter parameters are always computed in the average case. We compute the worst-case parameters in adversarial settings, show how to securely and efficiently use cryptographic hash functions and propose several other countermeasures to mitigate our attacks.
Cryptography, Electronic mail, Data structures, Indexes, Software, Complexity theory
T. Gerbet, A. Kumar and C. Lauradoux, "The Power of Evil Choices in Bloom Filters," 2015 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Rio de Janeiro, Brazil, 2015, pp. 101-112.