Is it practical to log hashed IPs instead of logging
actual IPs, in the interest of user privacy? (Since it
would likely be useless with IPv4, is it a possibility
with IPv6?)
Posted by deleted_by_reddit@reddit | programming | View on Reddit | 2 comments
pkrecker@reddit
I think the lesson learned here is: don't hash the IPs. It doesn't solve any problems. And I am still not convinced there is any security benefit here...
postcd@reddit
Is https://app-eu1.hubspotdocuments.com/documents/142290803/view/1331719984?accessId=b505d9 doing the IP anonymization wrong? Why?
"The IPv4 and IPv6 addresses are processed using the cryptographic hash function HMAC_SHA256, with an HMAC key that is kept in memory only and regenerated daily. The output of this function is then passed through a modulo operation. The value for the modulo is derived from the amount of traffic processed over the past 24 hours by the respective resolver. The modulo value is recalculated daily, along with the rotation of the HMAC key. If traffic data from the past 24 hours is unavailable (e.g., on the first day), the value defaults to 1. After the modulo operation, the first four bytes of the resulting data are replaced with 3fffffff, a standard prefix used in documentation and examples.
Subsequently, the resolver ID is included in the anonymized IP address for debugging purposes; however, this does not affect the anonymization in any way. Finally, the string is reformatted into IPv6 notation. To further enhance privacy, for each anonymized IP address, any resulting queries with fewer than 100 requests are deleted."