Subresource Integrity Length Extension?

Forgive me if I'm mistaken, but the current hashing solution detailed
in the Subresource Integrity specification seems to be silent on the
the possibility of length extension with Merkle–Damgård type hash
functions like the SHA family.

One solution would to be use a HMAC construction where the 'key'
material is composed from resource meta data, including the verified
Content-Length, or to mandate a hash function immune to such attacks,
such as SHA-3.


Casual Enthusiast

Received on Monday, 27 January 2014 22:12:00 UTC