Question

It seems to me that it would be pretty useful to be able to indicate an expected crypto hash value in file downloads, especially since so many application and data downloads rely on mirrored hosting. This could be done as an attribute to an 'a' tag (I'm not sure if there is a better way). In this scenario the browser would of course check the hash and probably remove the file with a warning if the hash didn't match what was downloaded. As far as I know there is no way to achieve something like this today. Is that correct? If that's true, is there a good reason that something like that shouldn't be proposed as an addition to the HTML5 spec? And finally, if it is a reasonable thing to suggest, what is the best way to make such a suggestion?


Solution

Already proposed and being implemented in most major browsers. It's called:

Subresource Integrity

Subresource Integrity (SRI) allows specifying the digest of the file that you want to include. The digest is the output of a cryptographic hash function, which helps us achieve integrity.

A nice overview is available here by one of the co-authors of the spec.

OTHER TIPS

A feature like this would probably provide little to no actual security benefit, especially when compared to something like SSL or any potential solution to XSS attacks that I'm sure the web standards committees are looking at.

The threat models I can think of where you might try using a hash on a file download are:

1) The website shows a hash and sends you a legitimate file, but someone does a MITM attack and turns the file into malware. If the MITM attacker was competent, they would've also edited the site to show you the correct hash for their malware (or perhaps no hash at all), so trying to show you the hash doesn't prevent this attack.

2) The website shows a hash and deliberately sends you a piece of malware. Presumably, they're showing you the correct hash for the malware, so again the hash doesn't help.

3) The website shows a hash and directs you to another site that hosts the file. Now, if the second site deliberately sends you malware, the hash allows you to detect this. This is the only case I know of where the hash actually does help, and it only helps because it's on a completely different site. Note that this assumes the person putting malware on the second site has no control over the first site and is not MITM'ing you.

P.S. I'd recommend reading the very strongly related question over on Security.SE "What security purpose do hashes of files serve?". The answer there covers a lot of the same ground I just did.

Licensed under: CC-BY-SA with attribution