Skip to main content

不安全的缓存算法

¥Insecure Cache Algorithms

警告:不安全的缓存密钥算法 (SHA-1)

¥Warning: Insecure Cache Key Algorithm (SHA-1)

LangChain 的默认缓存键编码器使用 SHA-1 哈希算法为 prompt/LLM 对生成缓存键。虽然这在大多数缓存场景中通常是可以接受的,但 SHA-1 不具有抗碰撞性。这意味着有动机的攻击者可能会制作两个不同的有效载荷,导致相同的缓存键,从而可能导致缓存中毒或意外的缓存命中。

¥LangChain's default cache key encoder uses the SHA-1 hashing algorithm to generate cache keys for prompt/LLM pairs. While this is generally acceptable for most cache scenarios, SHA-1 is not collision-resistant. This means that a motivated attacker could potentially craft two different payloads that result in the same cache key, leading to possible cache poisoning or unexpected cache hits.

LangChain 中的缓存密钥生成现已弃用 SHA-1。但是,为了保持与现有部署的兼容性,SHA-1 算法的迁移是可选的,而非自动的。在后续版本中,SHA-1 将被更安全的哈希算法取代,成为默认算法。

¥SHA-1 is now deprecated for cache key generation in LangChain. However, to maintain compatibility with existing deployments, the transition away from SHA-1 is opt-in rather than automatic. In later versions, SHA-1 will be replaced as the default by a more secure hashing algorithm.

为什么这很重要?

¥Why does this matter?

  • 安全风险:如果你的应用暴露于不受信任的输入,攻击者可能会故意生成两个不同的提示或 LLM 键,并将其哈希值设置为相同的值,从而导致其中一个覆盖另一个的缓存条目。

    ¥Security Risk: If your application is exposed to untrusted input, an attacker could intentionally generate two different prompts or LLM keys that hash to the same value, causing one to overwrite the other's cache entry.

  • 数据完整性:冲突可能导致从缓存返回错误的生成,这在敏感或高完整性环境中可能会造成问题。

    ¥Data Integrity: Collisions could result in incorrect generations being returned from the cache, which may be problematic in sensitive or high-integrity environments.

什么时候应该关注?

¥When should you care?

  • 如果你的应用面向公众或处理敏感数据。

    ¥If your application is public-facing or handles sensitive data.

  • 如果缓存完整性对你的工作流程至关重要。

    ¥If cache integrity is critical to your workflow.

  • 如果你有合规性或安全要求,禁止使用弱哈希函数。

    ¥If you have compliance or security requirements that prohibit the use of weak hash functions.

如何缓解

¥How to mitigate

你可以在缓存实例上使用 makeDefaultKeyEncoder() 方法为缓存键编码提供更强大的哈希函数(例如 SHA-256 或 SHA-3)。例如:

¥You can supply a stronger hash function (such as SHA-256 or SHA-3) for cache key encoding by using the makeDefaultKeyEncoder() method on your cache instance. For example:

import { sha256 } from "@langchain/core/utils/hash/sha256";

const client = new CacheClient(...);
client.makeDefaultKeyEncoder(sha256);